×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security IT Consultant Data Security

Sr. Analyst, Cybersecurity

Job in Richmond, Henrico County, Virginia, 23214, USA
Listing for: CarMax
Full Time position
Listed on 2026-02-21
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant, Data Security
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly USD 60000.00 80000.00 YEAR
Job Description & How to Apply Below

8116 - Midtown Office - 2220 W. Broad Street, Richmond, Virginia, 23220

Car Max, the way your career should be!

Do you want to play a key role in enhancing the Cybersecurity program for a Fortune 200 company and national brand that has also been listed on the Fortune 100 Best Places to Work for the past 21 years in a row? Do you enjoy working in a collaborative environment where your ideas can help shape the direction and development of critical cybersecurity capabilities?

Do you want to work with a team of talented professionals that have in-depth technical knowledge and be the subject matter expert in technology governance, risk management, compliance, and audit requirements? Then your job search begins and ends here….

Who We Are Looking For

A Senior Technology/Information Risk Analyst with experience in the areas highlighted below. This is a unique opportunity to work at a Fortune 200 company and national brand to expand your skills and influence a growing Information Risk Management Program. This opportunity provides the ability to work with the Technology teams to effectively manage information risk and perform risk assessments. You will work with senior risk management and technology professionals to design and facilitate cybersecurity risk assessments on existing technology, processes to accommodate new business areas as well as changes in our risk profile and provide support across our information risk management framework activities.

You will assist the Cybersecurity, technology, compliance, and information risk teams in identifying risks, developing recommendations to mitigate risk, manage information security policies, and assist with the company-wide information security awareness program, including design and management of the annual Information Security Training.

The Day To Day
  • As a key member of a high performing information risk management team, support, execute and maintain a framework for information risk management including validation, weighting, and classification methods.
  • Perform information security risk assessments, understand threats, vulnerabilities and exposures associated with confidentiality, integrity and availability of information.
  • Help develop related processes and procedures to ensure and enforce compliance with all company policies, applicable laws, and regulatory requirements regarding information security, privacy, and data integrity as well as reducing vulnerabilities.
  • Assist with the development and delivery of information security risk related training and awareness programs.
  • Assist with analysis of security vulnerabilities, developing risk-based business recommendations.
  • Administer governance, risk and compliance systems and processes owned by the department.
  • Assist in preparation of accurate and timely communications of risks, recommendations and conclusions as well as evaluating management mitigation plans.
  • Assist in developing automated risk assessment tools and processes.
  • Gathers data, conducts analyses, and prepares related risk reporting.
  • As an integral member of the team, exhibiting ownership, follow-through, initiative, awareness and effective communication with peers and management and ability to speak to details of information risk management
Information Risk Methodology
  • Ability to help design and implement industry standard technology risk management practices across the enterprise.
  • Champion the information risk management methodology by demonstrating ownership of the design aspects of the operations lifecycle.
  • Passionate about support & ownership of threat areas of Cybersecurity.
  • Understand level of risks and exposure as it relates to systems, services, and networks.
  • Driver of security awareness type activities with proven results.
Here’s the technology part… Experience With The Following Required
  • Ability to understand the business requirements as well as provide a proposal of the appropriate information risk resolution to computer threats.
  • Ability to understand the business processes supported across all team’s environments.
  • Understanding of key compliance regulations such as Sarbanes‑Oxley, GLBA, HIPAA, CFPB, and Payment Card Industry (PCI), plus external…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search