Cybersecurity Risk Analyst

The Cybersecurity Risk Analyst is responsible for identifying, assessing, and mitigating cybersecurity risks across organizational systems, applications, and processes. This role supports security governance, risk assessments, and compliance initiatives to protect organizational assets and ensure alignment with regulatory and industry standards. The position operates fully remotely and requires strong analytical skills, technical cybersecurity knowledge, and the ability to communicate risk effectively to both technical and non-technical stakeholders.

This position is strictly limited to candidates who currently reside in the United States and are legally authorized to work in the U.S. Applications from individuals residing outside the United States will be rejected.

Key Responsibilities

Conduct cybersecurity risk assessments across infrastructure, applications, and third-party vendors

Identify threats, vulnerabilities, and security gaps and assess potential business impact

Develop risk reports, dashboards, and mitigation recommendations for leadership

Collaborate with IT, compliance, and security teams to implement risk remediation strategies

Monitor and evaluate cybersecurity controls to ensure effectiveness and compliance

Support governance, risk, and compliance (GRC) activities and audit preparation

Maintain risk registers and track remediation efforts to completion

Analyze security incidents and contribute to post-incident risk evaluations

Stay current on cybersecurity threats, regulations, and industry best practices

Assist in developing security awareness and risk management policies

Required Qualifications

Bachelors degree in Cybersecurity, Information Technology, Computer Science, or related field

3–5 years of experience in cybersecurity, information security, or risk analysis roles

Strong understanding of risk assessment methodologies and cybersecurity frameworks

Knowledge of security principles including network security, identity management, and data protection

Experience with risk management tools or GRC platforms

Strong analytical and problem-solving skills

Excellent written and verbal communication abilities

Ability to work independently and collaborate effectively in a remote environment

Preferred Qualifications

Professional certifications such as CISSP, CISM, CRISC, Security+, or equivalent

Familiarity with frameworks and standards כגון NIST, ISO 27001, SOC 2, or CIS Controls

Experience with cloud security (AWS, Azure, or GCP)

Knowledge of regulatory requirements (HIPAA, PCI-DSS, GDPR, etc.)

Experience conducting third-party/vendor risk assessments

Performance-Based Bonus: Eligible depending on organizational and security objectives

Benefits

Comprehensive medical, dental, and vision insurance

401(k) retirement plan with employer matching

Paid time off, paid holidays, and sick leave

Life, short-term, and long-term disability insurance

Flexible remote work arrangement

Professional development, security certifications, and training reimbursement

Employee wellness and assistance programs

Work Authorization & Residency Requirement

Must be legally authorized to work in the United States

Must currently reside within the United States

Applications from candidates outside the U.S. will not be considered