Cyber Security Analyst role supporting USAF Cloud One Architecture and common shared services contract. Involves compliance monitoring, incident response, and collaboration with cybersecurity teams.
About the role
- Cyber Risk Analyst at Semperis safeguarding organizational assets through risk analysis and mitigation. Collaborating with vendors and cross-functional teams to assess and control Cyber Risks.
Responsibilities
- Safeguarding the organization's assets and ensuring operational resilience by identifying and assessing potential Cyber Risks of all incoming vendors, third parties, services, and technology
- Collaborate with cross-functional teams and third-party vendors to request, collect, and analyze pertinent information and collateral
- Conduct technology risk assessments across new and existing applications
- Ensure comprehensive documentation is maintained for all approved and denied exceptions
- Collect, process, and interpret multiple sources of data to model Cyber Risk scenarios and translate findings into measurable business risk statements
- Track risk plan milestones and drive issue management
- Develop mitigation strategies, recommend strategies to reduce, transfer, or avoid Cyber Risks
- Perform security assessments of new and existing third-party vendors and service providers
- Utilize and manage the corporate GRC platform and risk management tools to streamline risk workflows
- Respond to customer, partner, or compliance questionnaires related to product security
- Gather evidence and documentation required for internal and external security audits
Requirements
- 5+ years of relevant experience in Information Security, IT Risk Management, IT Audit, or GRC, with a heavy focus on technology risk
- Deep working knowledge of key GRC concepts, risk assessment methodologies, and industry frameworks (e.g., NIST SP 800-53/CSF, ISO 27001)
- Proven, hands-on experience using and configuring modern GRC platforms for risk management, policy management, and compliance automation. Experience in configuring and using tools such as Archer, ServiceNow, MetricStream or Vanta preferred
- Experience with IT and Security tools, SaaS / other Cloud technologies and/or software development
- Certifications: CRISC, CISM, CISA, or similar recognized security and risk management certifications
- Bachelor’s degree in computer science, Information Security, or a related field
- Must be a US Citizen.
Benefits
- Semperis has been recognized as one of America’s Fastest-Growing Cybersecurity Companies
- a DUNS 100 Top Startup to Work For
- multi-year Inc. Best Workplace awardee
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Senior Cyber Security Analyst at GDIT identifying and mitigating cyber threats while ensuring compliance with NIST and ISO standards. Involves oversight of security controls and enterprise risk assessments.
Junior Information Security Analyst focusing on identity and access management at Evertec. Supporting operational activities and collaborating with IT and security teams in a hybrid setting.
Senior Cybersecurity Engineer at 3CON responsible for detection and response engineering in Brazilian pharmaceutical retail. Collaborating with teams and improving security controls continuously.
Lead Security Analyst managing operational guidance and analytical oversight for security across crisis regions. Collaborating for timely decision - making and information delivery to clients in the field.
Analista de Segurança da Informação na Minsait investigando e respondendo a incidentes de segurança. Envolvimento em gestão de vulnerabilidades e boas práticas de segurança.
Senior Security Analyst providing advanced cybersecurity services in Stockholm and Malmö. Monitoring environments and handling incidents while collaborating with clients to ensure cybersecurity resilience.
Staff Cybersecurity Analyst focusing on cloud security for Southern Glazer’s. Leading security assessments, managing incidents, and collaborating with teams to enhance security posture.
Analyst supporting Nuclear Cyber Security program at Duke Energy. Addressing cyber security threats and managing compliance across multiple nuclear operations.
Security Analyst investigating employee fraud and misconduct for PNC across multiple US locations. Responsibilities include analyzing bank activities to minimize risk and detect suspicious activities.