Senior Cybersecurity Risk & Compliance Analyst responsible for executing cybersecurity risk management and compliance monitoring at Kennametal. Collaborating with stakeholders to identify and mitigate cybersecurity risks.
Responsibilities
Lead structured cybersecurity risk assessments across business, IT, and OT environments.
Perform qualitative and quantitative risk analysis using recognized methodologies (e.g., NIST 800-30, FAIR, OCTAVE).
Maintain cybersecurity risk register entries, including risk statements, impact analysis, likelihood assessments, and remediation tracking.
Monitor and report the status and effectiveness of risk mitigation plans.
Develop and present cybersecurity risk status metrics and summaries for leadership review.
Serve as a subject-matter expert for cybersecurity risk identification and treatment guidance.
Identify confidentiality, integrity, and availability (CIA) requirements for information assets.
Support Kennametal’s information classification and data protection programs.
Provide risk-based input into data protection controls, including Data Loss Prevention (DLP) strategies.
Advise stakeholders on appropriate handling, labeling, and protection of sensitive data.
Research and investigate laws and compliance requirements related to information security, including data privacy, data protection, and data breach disclosure.
Support internal and external audit activities by providing risk and control documentation.
Assist in mapping cybersecurity risks to compliance obligations and control frameworks.
Track compliance-related remediation actions and report status to stakeholders.
Act as a trusted advisor to business and IT stakeholders on cybersecurity risk topics.
Collaborate with SOC, IT Operations, Security Engineering, Legal, Privacy, and Third-Party Risk teams.
Translate technical cybersecurity risks into business-impact language for non-technical audiences.
Requirements
3-5 years of relevant work experience
Bachelor’s degree in Information Security, Information Systems, Computer Science, or related field
5–8 years of experience in cybersecurity risk management, GRC, or enterprise risk roles
Working knowledge of major cybersecurity frameworks (NIST RMF, NIST CSF, ISO 27001)
Strong written and verbal communication skills
Ideal but not required: Experience working in a global enterprise environment, Exposure to data privacy and regulatory compliance (GDPR, U.S. breach laws, SOX), Familiarity with IT service management concepts (ITIL), Experience with enterprise risk management programs or GRC platforms, CISSP, CISM, CRISC, or similar certification.
Protective Security Officer supporting information security and physical security processes at Telia. Collaborating with clients and team members for effective security management.
Application Security Lead at Mastercard enhancing application security and collaborating with development teams. Leading initiatives, guiding secure coding practices, and fortifying cybersecurity posture.
Senior Cloud Security Architect for Texas state government project. Designing secure cloud architectures and integrating security in DevSecOps pipelines.
Linux Network Security Engineer at Booz Allen Hamilton architecting and deploying Endace packet capture systems across a distributed enterprise. Integrating with analytics ecosystems and ensuring optimal performance.
Product Manager responsible for managing Microsoft Security Services portfolio at Softchoice. Engaging with customers, Microsoft and stakeholders to drive market success and growth.
Information System Security Officer detecting and documenting security configurations for government solutions. Collaborating with teams to provide secure and effective solutions against advanced cyber threats.
IT Infrastructure and Security Administrator overseeing management and maintenance of IT systems at Avive Solutions. Focused on user devices, networks, and authentication systems.
Systems Administrator managing IT support and compliance activities in a tech-oriented company. Leading infrastructure design and security measures while collaborating with managed service providers.
Cyber Security Expert supporting project teams with structured risk assessments and compliance documentation at Nordex wind farms. Collaborating closely with Information Security to ensure secure operations.
OT Cybersecurity Engineer enhancing cybersecurity in industrial environments. Ensuring compliance with cybersecurity standards and collaborating across engineering, IT, and product teams.