Apex Systems
Sr Cyber Risk Analyst
Apex Systems, Findlay, Ohio, us, 45839
Job#: 2038918
Job Description:
Position Summary We are seeking a highly skilled and experienced Senior Cybersecurity Analyst to join our Risk team within the Cybersecurity Governance, Risk, and Compliance (GRC) organization. The successful candidate will be responsible for assessing and analyzing cybersecurity risks and identifying appropriate mitigation measures for Information Technology (IT) and Operational Technology (OT) environments, systems, and third-party solutions. The Senior Cybersecurity Analyst will ensure appropriate controls are in place to mitigate risks by working closely with business partners, including IT and OT program and process owners. The Senior Cybersecurity Analyst will develop and implement cyber risk assessment techniques to identify and pre-empt security risks. This role involves demonstrating business risks associated with these vulnerabilities and providing risk treatment and prioritization strategies. The analyst will perform comprehensive risk assessments and be responsible for continuously monitoring and reviewing these assessments. The analyst should have in-depth knowledge of NIST standards and frameworks such as the NIST Cybersecurity Framework (CSF), NIST 800-30, NIST 800-37, NIST 800-53, and NIST 800-82. Effective communication of cyber risks to business stakeholders and collaboration with various departments to ensure a clear understanding of these risks is essential. The analyst will manage cybersecurity risks specific to IT and OT environments and third-party solutions, ensuring compliance with organizational policies. Additionally, the analyst will stay updated with the latest cybersecurity trends and recommend improvements to existing cybersecurity policies, procedures, and tools. *This position belongs to a family of jobs with increasing responsibility, competency, and skill level. Actual position title and pay grade will be based on the selected candidate's experience and qualifications. Key Responsibilities
Conducts detailed analyses on controls related to complex business processes and systems and relationship to other internal and external systems to assess business impact of the security issues.Drives the resolution of routine multi-functional technical issues. Oversees, advises on and manages Cybersecurity assessments and associated risks.Develops and evaluates efficiency and effectiveness of security processes and controls through creation and maintenance of detailed security and/or compliance reports, as necessary.Analyzes and maintains security audits and reports, monitors security advisory groups, and assist with security incidents and intrusions.Leads implementation of global security initiatives, policies, and compliance requirements. Develops and tracks metrics related to cybersecurity; uses existing cybersecurity tools for running web application scanning, vulnerability scanning and external pentests and help with the remediation effort.Manages cyber security-related consulting, guidance, and support to customers and stakeholders.Translates security principles to assist configuration teams with incorporating security into build and configuration processes.Monitors emerging Information Technology/Operations Technology and cybersecurity technologies as well as their impact on the security landscape.
Education and Experience
Bachelor's Degree in Information Technology, related field or equivalent experience.Professional certification, e.g. Security+, Network+, CISA, CRISC, CISSP preferred.5+ years of relevant experience required.
Skills
Cybersecurity Research - Applies technical knowledge of the latest data, developments, and trends in the cybersecurity world to identify cybersecurity vulnerabilities within an organization
Job Description:
Position Summary We are seeking a highly skilled and experienced Senior Cybersecurity Analyst to join our Risk team within the Cybersecurity Governance, Risk, and Compliance (GRC) organization. The successful candidate will be responsible for assessing and analyzing cybersecurity risks and identifying appropriate mitigation measures for Information Technology (IT) and Operational Technology (OT) environments, systems, and third-party solutions. The Senior Cybersecurity Analyst will ensure appropriate controls are in place to mitigate risks by working closely with business partners, including IT and OT program and process owners. The Senior Cybersecurity Analyst will develop and implement cyber risk assessment techniques to identify and pre-empt security risks. This role involves demonstrating business risks associated with these vulnerabilities and providing risk treatment and prioritization strategies. The analyst will perform comprehensive risk assessments and be responsible for continuously monitoring and reviewing these assessments. The analyst should have in-depth knowledge of NIST standards and frameworks such as the NIST Cybersecurity Framework (CSF), NIST 800-30, NIST 800-37, NIST 800-53, and NIST 800-82. Effective communication of cyber risks to business stakeholders and collaboration with various departments to ensure a clear understanding of these risks is essential. The analyst will manage cybersecurity risks specific to IT and OT environments and third-party solutions, ensuring compliance with organizational policies. Additionally, the analyst will stay updated with the latest cybersecurity trends and recommend improvements to existing cybersecurity policies, procedures, and tools. *This position belongs to a family of jobs with increasing responsibility, competency, and skill level. Actual position title and pay grade will be based on the selected candidate's experience and qualifications. Key Responsibilities
Conducts detailed analyses on controls related to complex business processes and systems and relationship to other internal and external systems to assess business impact of the security issues.Drives the resolution of routine multi-functional technical issues. Oversees, advises on and manages Cybersecurity assessments and associated risks.Develops and evaluates efficiency and effectiveness of security processes and controls through creation and maintenance of detailed security and/or compliance reports, as necessary.Analyzes and maintains security audits and reports, monitors security advisory groups, and assist with security incidents and intrusions.Leads implementation of global security initiatives, policies, and compliance requirements. Develops and tracks metrics related to cybersecurity; uses existing cybersecurity tools for running web application scanning, vulnerability scanning and external pentests and help with the remediation effort.Manages cyber security-related consulting, guidance, and support to customers and stakeholders.Translates security principles to assist configuration teams with incorporating security into build and configuration processes.Monitors emerging Information Technology/Operations Technology and cybersecurity technologies as well as their impact on the security landscape.
Education and Experience
Bachelor's Degree in Information Technology, related field or equivalent experience.Professional certification, e.g. Security+, Network+, CISA, CRISC, CISSP preferred.5+ years of relevant experience required.
Skills
Cybersecurity Research - Applies technical knowledge of the latest data, developments, and trends in the cybersecurity world to identify cybersecurity vulnerabilities within an organization