
Risk Analyst
GuidePoint Security
full-time
Location Type: Remote
Location: Remote • 🇺🇸 United States
Job Level
Junior
Tech Stack
Cyber Security
About the role
- Serve as a dedicated cybersecurity risk management consultant supporting the client’s information security, governance, risk, and compliance (GRC) program.
- Complete client onboarding requirements, including device provisioning, account setup, and any required training.
- Review and gain familiarity with the client’s risk management stakeholders, processes, policies, historical assessments, and program objectives.
- Strong ability to work independently and multi-task on assigned projects.
- Support ongoing risk management activities, including:
  - Maintaining and updating information security, GRC, and key risk indicator (KRI) metrics.
  - Supporting the information security issue management process in AuditBoard.
  - Documenting and inputting risks into the client’s risk register.
  - Performing risk mapping to align identified risks with applicable frameworks and controls.
  - Maintaining and revising risk-related policies, standards, and procedures.
  - Supporting risk reporting and presentation deck updates for executive and committee reviews.
  - Participating in assigned risk committees and working groups.
  - Documenting processes for cybersecurity risk management to ensure repeatability and transparency.
- Deliver clean, consistent, and actionable risk reporting, leveraging PowerPoint or similar visualization tools.
- Maintain regular communication with client stakeholders, providing advisory guidance on maturing the overall risk management capability.
- Collaborate with other GuidePoint practices to ensure alignment and comprehensive client support.
- Stay current on relevant cybersecurity and risk management standards and industry best practices, incorporating them into service delivery.
- Demonstrate professionalism, adaptability, and strong self-management skills while working independently within the client environment.
Requirements
- 1-3 years of education and/or experience in cybersecurity, with at least 1 year focused on risk management and/or GRC.
- Working knowledge of risk management frameworks such as ISO 31000, ISO/IEC 27005, NIST 800-30, and FAIR.
- Familiarity with security frameworks including: NIST CSF, NIST 800-30, ISO 31000, COSO and others.
- Experience using GRC tools.
- Excellent written and verbal communication skills; able to translate complex information for both technical and executive audiences.
- Self-driven; able to manage schedules, meet deadlines, coordinate with others, perform tasks, and work independently with minimal supervision.
- Excellent project management skills, with the ability to work with multiple deadlines and priorities.
- Demonstrated ability to work independently in a client-facing consulting environment.
Benefits
- Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family)) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employee's premiums and 75% for family plans (spouse/children/family), and GPS will contribute in one lump sum: $500 per EE annually / $1000 per family annually (includes spouse/children/family options))
- Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
- 12 corporate holidays and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Eligibility for retirement plan after 2 months at open enrollment
- Pet Benefit Option
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cybersecurity; risk management; governance, risk, and compliance (GRC); risk mapping; risk reporting; risk indicator (KRI) metrics; ISO 31000; NIST 800-30; FAIR; NIST CSF
Soft skills
communication skills; self-management; adaptability; project management; independence; multi-tasking; professionalism; collaboration; advisory guidance; translating complex information