Job Description :

Concentrix is looking for a highly motivated teammate ready to play a key role as a Cybersecurity Risk Analyst.

Responsibilities :

• Conduct Cybersecurity Risks Assessments of data centers, systems and networks, application environments, cloud environments, and vendor networks.  
• Provide a background and experience in IT infrastructure to include networks, systems, LAN/WAN connectivity, Firewall’s, Intrusion Detection Systems, End-Point security, and remote access capabilities.
• Must understand and have a background in performing Cybersecurity Risk Assessments on regulated environments within the Financial & Health Care industries.
• Assist in the creation and development of Cybersecurity review processes that result in effective methods for reducing security risks and increasing cybersecurity postures.
• Current knowledge and experience performing Risk Assessments in accordance with the NIST CSF, as well as against PCI, HIPAA, and SOX requirements.
• Demonstrate knowledge and abilities of Cybersecurity Risk Reduction and implementation of controls to reduce risk.
• Demonstrate avenues of ATT@CK and how best to mitigate risks to sensitive data within the enterprise.
• Must have the ability to influence stakeholders; communicate relevant security information to both executive leaders and individual contributors in a globally dispersed team with competing business priorities.

Accountability :

• Work with process, systems and other asset owners to help identify and catalog high value assets, assess threats and vulnerabilities to determine risk, understand security and compliance posture, and drive risk treatment activities.
• Help to implement and integrate Cybersecurity risk management practices and capabilities across the organization. 
• Enhance Cybersecurity tooling that will support risk management capabilities and processes across the organization
• Provide input and execute on various Cybersecurity risk management processes such as risk mapping.
• Produce Cybersecurity Risk based reports detailing the risk to the business and make recommendations to reduce exposure and maintain compliance with industry standards and regulations.

Desired Skills: 

• Excellent understanding of Managing Cybersecurity Risk.
• Strong knowledge of and experience in security requirements, standards and practices including NIST CSF, NIST 800-53, ISO 27001, PCI DSS, SOC2, COBIT, GLBA, SOX, GDPR, OWASP Top 10, SANS Top 25, etc.
• Strong understanding of and/or prior experience in one or more of the following:
  • Security Governance and Policy Management 
  • Risk Assessment, Treatment and Management  
  • Third Party Risk Management
  • IT Disaster Recovery/ Business Continuity
  • Security Training and Awareness
  • Security Compliance Management
• A broad understanding across security domains
• As a Cybersecurity Risk Analyst, You should have prior experience in developing or implementing common controls framework would be a huge plus
• Ability to document, follow, execute and continually improve a detailed process. 
• Strong organizational and attention to detail skills.
• Strong written and oral communication skills.
• Experience working across multiple teams on projects. 
• Demonstrated ability to handle multiple open items of varying size concurrently. 
• Uncompromising personal and professional integrity and ethics
• Experience working with regulated companies and the necessary compliance standards and controls needed for public companies managing regulated data and information systems.
• Prior experience administering websites and more specifically internal WordPress sites a huge plus. 

Qualifications: 

• 6+ years of experience working in IT or Cybersecurity Risk  
• BS degree in Information Technology, Computer Science, or equivalent technology experience 
• Experienced with Cybersecurity Risk Management activities and assisting with third party risk management activities
• Must have experience with project management, risk assessment, incident root cause analysis.  
• Must have strong skills in cyber risk management planning including reporting and tracking.
• A Cybersecurity Risk Analyst must understand the risk management process, risk mitigation, and risk tracking. Additionally, a strong knowledge of cyber security, information security and knowledge of network/systems components.
• The candidate will support the mission of the Cybersecurity Risk Management by organizing and preparing for senior level meetings, provide direction to team on activities of the week, support team in preparing timely deliverable and tracking action items
• Must have strong communication skills, both oral and written, with excellent interpersonal, team and organization skills.  
• A Cybersecurity Risk Analyst must be able to clearly define tasking, communicate topics to leadership through concise and succinct presentations, and to organize meeting preparation materials.  
• Must have strong knowledge of MS Office products to include PowerPoint, Word, Excel, and Outlook.