Description

You will own the analysis and mitigation of systemic security risks across technology domains.

Responsibilities

  • Analyze systems, architectures, and processes to identify security vulnerabilities and risks.
  • Design and implement risk mitigation strategies with cross-functional teams.
  • Conduct root cause analysis of recurring security issues and propose remediation plans.
  • Develop and refine GRC metrics and dashboards to track risk reduction.
  • Contribute to incident response post mortem activities to identify residual risk.

Required Skills

  • 5+ years of experience in a cybersecurity function (GRC, security engineering, or risk management).
  • Bachelor’s degree focusing on information technology, cybersecurity, or technology audit.
  • Experience with risk and compliance frameworks (NIST-CSF, NIST-AI RMF, COBIT, ISO27001, Data Privacy).
  • Proven track record identifying and reducing systemic security risks in complex environments.
  • Strong understanding of enterprise IT systems, networks, cloud platforms, and security architectures.
  • Understanding of emerging AI/LLM technologies and associated security risks.
  • Ability to communicate security risk concepts to both technical and non-technical stakeholders.
  • Familiarity with ServiceNow GRC/IRM systems.
  • Excellent analytical, communication, and project management skills.

Preferred Skills

  • Certifications such as CISSP, CRISC, or Security+.
  • Experience working with security tiger, red/blue/purple teams.

Education

Bachelor's degree