
Senior Risk Management Analyst
Coterie
full-time
Location Type: Remote
Location: United States
Salary
💰 $115,000 - $120,000 per year
About the role
- Coterie is seeking a Senior Risk Management Analyst to help design, build and mature key capabilities within our Information Security Risk Management program.
- In this role, you will support governance, risk management, privacy, compliance and business continuity/disaster recovery (BC/DR) initiatives.
- Identify opportunities to streamline and enhance GRC processes.
- Stay curious and proactive in exploring new solutions and methodologies to improve the organization’s risk management and compliance practices.
- Execute risk assessments including scoping, threat and risk scenario identification, and all aspects of the risk assessment process.
- Identify areas of opportunity to reduce residual risk to a level consistent with risk appetite, and collaborate with Risk Management Manager, CISO and other security team members to build out the security capability road map.
- Support teams in conducting Business Impact Analysis (BIA), assist in planning recovery tests, and provide expert consultation to strengthen business continuity and disaster recovery (BCDR) strategies.
- Identify and analyze single points of failure in business processes, systems, and infrastructure, and collaborate with relevant stakeholders to implement risk mitigation strategies.
- Contribute to the management and maturity of our third-party risk management program.
- Support Service Organization Control (SOC 2, SOC 1) program through evidence gathering, testing, and coordination with auditors and stakeholders.
- Execute the security awareness program.
- Work collaboratively and support cross-functional teams in assessing and mitigating risks related to regulatory compliance, data privacy, information security, and business continuity.
- Strong desire to drive efficiencies, make risk-based decisions, implement automation, and recommend and track meaningful KPIs and KRIs.
- Development and administration of Coterie’s Information Security Program documents including policies, standards, plans and controls library.
- Ability to work independently on complex programs and assignments with diverse teams and perform other duties as assigned.
Requirements
- Passion for Risk Management.
- 3+ years of experience in Governance, Risk, and Compliance (GRC) roles; minimum 1 year of direct Business Continuity Planning/Disaster Recovery experience required
- Experience conducting Business Impact Assessments (BIA) and developing recovery strategies
- Excellent analytical skills with the ability to assess complex problems, analyze data, and develop practical solutions.
- Strong sense of accountability with the ability to work independently with minimal direction and follow-up.
- Experience in designing controls (capabilities) and measures to determine if controls are operating effectively.
- Experience with security frameworks such as the NIST Cybersecurity Framework.
- Strong written and verbal communication skills including the ability to translate technical topics to non-technical audiences.
- Effectively manage time and prioritize tasks to ensure timely completion of multiple projects while maintaining high quality and attention to detail.
- Project management skills with the ability to prioritize and manage various tasks, multiple projects simultaneously, and operational deliverables.
- High level of integrity, professionalism, and attention to detail.
Benefits
- 100% remote
- Health insurance through Aetna (we pay 100% of premiums)
- Dental and vision insurance through Guardian (we pay 100% of premiums)
- Basic life insurance (we pay 100% of premiums)
- Access to flexible spending account (FSA) or health savings account (HSA) (for those using HSA eligible plans)
- 401K plan (up to 4% match with immediate vest).
- Flexible PTO policy offering up to 3 weeks of time off to support onboarding and integration during the first twelve months of employment.
- 12 company-paid holidays each year
- Continuing education annual stipend
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
- Governance, Risk, and Compliance (GRC)
- Business Continuity Planning
- Disaster Recovery
- Business Impact Assessments (BIA)
- Risk Assessment
- NIST Cybersecurity Framework
- Risk Mitigation Strategies
- Security Awareness Program
- Control Design
- KPI and KRI Tracking
Soft Skills
- Analytical Skills
- Accountability
- Communication Skills
- Time Management
- Project Management
- Attention to Detail
- Independence
- Collaboration
- Curiosity
- Proactivity