Cyber Security Compliance & Risk Analyst providing guidance and compliance support for security policies. Identifying risks, ensuring remediation, and collaborating across departments to enhance security effectiveness.
About the role
- Senior Cybersecurity GRC Associate managing information security governance, risk assessments, and compliance at Corient. Join a team dedicated to supporting high-net-worth individuals in wealth preservation.
Responsibilities
- Maintain and enhance the Information Security Policy Framework, ensuring alignment with regulatory requirements and industry standards (e.g., NIST, ISO, CIS).
- Collaborate with stakeholders to ensure policies are understood, adopted, and enforced across the organization.
- Implement and operationalize GRC platform; create and maintain automated workflows, associated processes, and related documentation.
- Maintain the enterprise Information Security Risk Register and perform periodic and ad hoc risk assessments.
- Monitor and report on meaningful metrics and reporting, including Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs).
- Support risk treatment planning and execution, ensuring alignment with the organization’s risk appetite.
- Perform third party risk assessments and ongoing oversight activities.
- Facilitate security compliance framework assessments, control narrative creation, and evidence collection.
- Conduct control testing, identify deficiencies, and drive remediation efforts.
- Support the development and ongoing maintenance of an integrated control framework to assess and monitor compliance.
- Promote a security-first mindset across the organization.
- Contribute to the development and delivery of security awareness programs.
Requirements
- Bachelor’s degree or equivalent experience; relevant certifications preferred (e.g., CBCP, MBCP, MBCI, FBCI)
- 3-6+ years’ experience in cybersecurity GRC and/or BC/DR roles, ideally within financial services.
- Strong analytical and critical thinking skills and the ability to organize work in a logical, thorough, and succinct manner.
- Highly self-motivated, results-orientated, and self-directed to handle multiple ongoing tasks.
- Flexibility to adapt to changing assignments and ability to effectively prioritize.
- Effective written and verbal English communication at all levels.
- Demonstrated ability to operate and innovate in a small team with a fast‐paced environment, balancing both strategic and tactical needs.
Benefits
- 401(k) Plan with Employer Matching
- Four Medical Plan options that is generously subsidized by Corient
- Employer paid Dental, Vision & Life and AD&D Insurance
- Employer paid Short-term & Long-term Disability
- Paid Maternity & Parental Leave
- Flexible Spending Accounts & Health Savings Accounts
- Dependent Care FSA
- Commuter & Transit FSA
- Corporate Discount Program - Perkspot
- Training Reimbursement
- Paid Professional Designations
- Giving back to the community - Volunteer days
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Cybersecurity Specialist at Telefónica Tech supporting user access within minimal privilege principles. Ensuring compliance and coordination with internal security processes.
CISO responsible for cybersecurity strategy, operations, and regulatory compliance in leading blockchain ecosystem. Managing risk and fostering security culture within the organization.
Security Engineering Lead at Outset overseeing security policies, compliance, and hands - on security engineering. Collaborating with teams to ensure secure product infrastructure and practices.
Senior Penetration Tester working on TIBER and Red Team assignments in high - security sectors. Collaborate with experts to deliver comprehensive security assessments and enhance organizational security.
Senior Security Delivery Engineer safeguarding digital infrastructure at nbn by embedding security into CI/CD pipelines. Collaborating within DevSecOps teams to ensure resilient platforms.
Senior Cloud Security Engineer at Semperis focusing on preventative security and cloud architecture. Collaborating with teams to enhance security around cloud environments and regulatory requirements.
Product Manager driving secure communications solutions in a highly regulated environment. Collaborating with cross - functional teams to deliver product lifecycle from planning to field adoption.
Cybersecurity Shift Lead at PwC focusing on overseeing cybersecurity operations for clients. Leading teams and ensuring operational excellence during shifts across cybersecurity towers.
Manager overseeing Identity and Access Management services at PwC. Collaborating with stakeholders to drive cyber resilience and compliance in complex environments.