Cyber Risk Analyst - Remote

Supports the management of Information Technology risk for both new build and existing infrastructure and environments. Provides subject matter expertise to leadership, IT teams, and the business on cybersecurity matters. Works with the security team, including vulnerability management, logging and monitoring, and threat intelligence teams to understand threats and the CSAA IT environment to communicate CSAA’s security posture. Performs more complex work supporting implementation of IT risk management processes and cyber risk quantification (CRQ). Incumbents in this level work under minimal supervision on projects of moderate to high scope and complexity and rely on their experience and research to advise the business on technology security risk exposure and measures to manage and mitigate risk. Conducting risk assessments, Security and risk management frameworks, Issues/Findings management, Cyber Risk Quantification, IT operational support or IT development work, KRI reporting, Third-party/vendor risk assessments.