Semperis

Senior Technical Cyber Risk Analyst

Semperis

full-time

Posted on:

Location Type: Hybrid

Location: PhoenixArizonaUnited States

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

CloudServiceNow

About the role

  • Safeguarding the organization's assets and ensuring operational resilience by identifying and assessing potential Cyber Risks of all incoming vendors, third parties, services, and technology
  • Collaborate with cross-functional teams and third-party vendors to request, collect, and analyze pertinent information and collateral
  • Conduct technology risk assessments across new and existing applications
  • Ensure comprehensive documentation is maintained for all approved and denied exceptions
  • Collect, process, and interpret multiple sources of data to model Cyber Risk scenarios and translate findings into measurable business risk statements
  • Track risk plan milestones and drive issue management
  • Develop mitigation strategies, recommend strategies to reduce, transfer, or avoid Cyber Risks
  • Perform security assessments of new and existing third-party vendors and service providers
  • Utilize and manage the corporate GRC platform and risk management tools to streamline risk workflows
  • Respond to customer, partner, or compliance questionnaires related to product security
  • Gather evidence and documentation required for internal and external security audits

Requirements

  • 5+ years of relevant experience in Information Security, IT Risk Management, IT Audit, or GRC, with a heavy focus on technology risk
  • Deep working knowledge of key GRC concepts, risk assessment methodologies, and industry frameworks (e.g., NIST SP 800-53/CSF, ISO 27001)
  • Proven, hands-on experience using and configuring modern GRC platforms for risk management, policy management, and compliance automation. Experience in configuring and using tools such as Archer, ServiceNow, MetricStream or Vanta preferred
  • Experience with IT and Security tools, SaaS / other Cloud technologies and/or software development
  • Certifications: CRISC, CISM, CISA, or similar recognized security and risk management certifications
  • Bachelor’s degree in computer science, Information Security, or a related field
  • Must be a US Citizen.
Benefits
  • Semperis has been recognized as one of America’s Fastest-Growing Cybersecurity Companies
  • a DUNS 100 Top Startup to Work For
  • multi-year Inc. Best Workplace awardee
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Cyber Risk AssessmentRisk ManagementSecurity AssessmentData AnalysisMitigation StrategiesCompliance AutomationDocumentation ManagementIssue ManagementRisk ModelingTechnology Risk
Soft Skills
CollaborationCommunicationProblem SolvingAnalytical ThinkingAttention to DetailOrganizational SkillsInterpersonal SkillsStakeholder EngagementAdaptabilityCritical Thinking
Certifications
CRISCCISMCISAISO 27001NIST SP 800-53NIST CSF