Senior Analyst, Cybersecurity Risk & Compliance

What you'll do

• Lead and execute risk assessments and compliance reviews across IT and business systems.
• Develop, implement, and monitor IT and cybersecurity controls aligned with multiple frameworks.
• Coordinate internal and external audits and manage third-party/vendor risk.
• Prepare and deliver compliance reports and documentation for executive decision-making.
• Monitor regulatory changes and update compliance strategies to maintain proactive compliance.
• Collaborate on policy development and governance to ensure sustained audit readiness.
• Conduct training sessions to enhance organizational awareness of security and compliance requirements.

What we're looking for

• Extensive experience in cybersecurity risk management and IT compliance frameworks (NIST CSF, SOC 2, ISO 27001, GDPR, HIPAA, FedRAMP)
• Conducts comprehensive risk assessments and develops mitigation strategies for cyber and IT risks
• Manages internal and external audits, ensuring regulatory compliance across the organization
• Designs and implements compliance programs to maintain audit readiness and support business continuity
• Develops governance policies and procedures, facilitating policy approvals and monitoring adherence
• Coordinates with cross-functional teams to integrate risk management into projects and operations
• Monitors regulatory changes and updates compliance strategies proactively