Suna Solutions - San Jose, CA

posted 10 days ago

Full-time - Mid Level
San Jose, CA
Professional, Scientific, and Technical Services

About the position

The Cybersecurity and Risk Management Analyst position at Suna Solutions involves conducting security risk assessments, collaborating with cross-functional teams, and communicating security risks to stakeholders. The role focuses on maintaining a security risk register, tracking remediation efforts, and contributing to risk analysis and reporting. This position is essential for ensuring compliance with organizational policies and enhancing the overall security posture of the organization.

Responsibilities

  • Conduct security risk assessments to identify, score, and document potential risks from threats and vulnerabilities within the organization's infrastructure and applications.
  • Perform control effectiveness assessments by collaborating with cross-functional teams to understand technical implementations and assess control strength.
  • Communicate identified security risks and their potential impact to stakeholders, including technical and non-technical audiences.
  • Track and report on the status of risk remediation efforts, ensuring timely resolution and compliance with organizational policies.
  • Maintain the security risk register and ensure it is updated in a timely manner.
  • Contribute to performing risk aggregation and risk analysis to identify top risks and areas of focus/improvement for prioritization.
  • Contribute to developing detailed reports and presentations on risk assessments, including identified aggregated top risks, risk treatment progress, trending, and escalation.
  • Ensure these reports are understandable to technical and non-technical stakeholders, including senior management.
  • Demonstrate a process-oriented, results-driven approach to security risk engineering, employing effective problem-solving and communication skills to serve as a subject matter expert and trusted advisor.
  • Actively contribute to the administration, maintenance, and process improvements of the GRC risk assessment program.
  • Perform other job duties as required.

Requirements

  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • 5+ years of experience in security risk assessment, with a strong background in cybersecurity and risk management.
  • Hands-on working knowledge and experience in risk management frameworks such as NIST RMF, FAIR, and OWASP.
  • Strong technical knowledge of security controls, including access controls, encryption, network security, and vulnerability management.
  • Demonstrated experience working within a GRC framework, with an understanding of regulatory and compliance requirements (e.g., PCI DSS, SOC).
  • Proven ability to work collaboratively with engineering teams to assess and mitigate security risks.
  • Experience with security risk remediation programs, including technical implementation and compliance considerations.
  • Strong analytical and problem-solving skills, with attention to detail and accuracy.
  • Strong collaboration skills, with experience working cross-functionally with IT, Engineering, and other stakeholders.
  • Excellent communication skills, capable of translating technical concepts into actionable insights for both technical and non-technical stakeholders.
  • Experience in identifying process improvements and enhancing operational efficiencies within security programs.
  • Experience with a GRC risk management tool, including tool implementation.

Nice-to-haves

  • Experience with security assessment tools and methodologies.
  • Knowledge of cloud security best practices and technologies (e.g., AWS, Azure, GCP).
  • Strong project management skills with the ability to prioritize tasks and manage multiple projects simultaneously.
  • Certifications like PMP, CISSP, or CISM are a plus but not required.

Benefits

  • Health insurance
  • Dental insurance
  • Vision insurance
  • 401(k)