As a Cybersecurity Risk and Governance Analyst, you will join an experienced team of cybersecurity experts and work directly with the Chief Security Officer to integrate risk controls seamlessly into the organization’s strategic goals, helping to safeguard operations, reputation, and compliance in a fast‑paced, regulated environment. More specifically, your duties will be the following:
- Risk Assessment & Prioritization: Identify and quantify cyber risks to critical business functions, then prioritize mitigation efforts to minimize disruptions, breaches, and non‑compliance impacts.
- Governance Alignment: Embed cybersecurity risk management into business objectives, collaborating with stakeholders to balance security requirements against agility and innovation needs.
- Control Validation: Conduct security architecture reviews, authorization assessments, and assurance case development to confirm controls (networks, applications, systems) meet agreed protection levels.
- Trend Analysis & Reporting: Perform cyber‑risk trend analysis, cost‑benefit evaluations of security measures, and produce clear reports for senior management.
- Remediation Planning: Build and track remediation plans arising from risk assessments, audits, and regulatory findings, ensuring timely implementation of security policies and procedures.
- Regulatory Expertise: Leverage knowledge of frameworks (ISO 27001, NIST CSF/RMF, ISO 27005) and standards (PCI DSS, EU DORA) to guide risk‑based decisions and governance documentation.