You will own the analysis and mitigation of systemic security risks across technology domains.
Responsibilities
- Analyze systems, architectures, and processes to identify security vulnerabilities and risks.
- Design and implement risk mitigation strategies with cross-functional teams.
- Conduct root cause analysis of recurring security issues and propose remediation plans.
- Develop and refine GRC metrics and dashboards to track risk reduction.
- Contribute to incident response post-mortem activities to identify residual risk.
Required Skills
- 5+ years of experience in a cybersecurity function (GRC, security engineering, or risk management).
- Bachelor’s degree focusing on information technology, cybersecurity, or technology audit.
- Experience with risk and compliance frameworks (NIST CSF, NIST AI RMF, COBIT, ISO 27001, Data Privacy).
- Proven track record identifying and reducing systemic security risks in complex environments.
- Strong understanding of enterprise IT systems, networks, cloud platforms, and security architectures.
- Understanding of emerging AI/LLM technologies and associated security risks.
- Ability to communicate security risk concepts to both technical and non-technical stakeholders.
- Familiarity with ServiceNow GRC/IRM systems.
- Excellent analytical, communication, and project management skills.
Preferred Skills
- Certifications such as CISSP, CRISC, or Security+.
- Experience working with security tiger teams or red/blue/purple teams.