Analyst, Cyber and Information Security Risk Management
JOB_53584541180987Job type
ContractLocation
North CarolinaProfession
Other/tbcIndustry
Technology & Internet ServicesPay
$50.00 - $54.00/hr.
Analyst, Cyber And Information Security Risk Management – Contract – Greenboro, NC – $50.00 - $54.00/hr.
The final salary or hourly wage, as applicable, paid to each candidate/applicant for this position is ultimately dependent on a variety of factors, including, but not limited to, the candidate’s/applicant’s qualifications, skills, and level of experience as well as the geographical location of the position.
Applicants must be legally authorized to work in the United States. Sponsorship not available.
Our client is seeking a Analyst, Cyber And Information Security Risk Management in Greenboro, NC.
Role Description
Our retail, outdoor client recognizes the value that formal cybersecurity risk management processes provide to the company as key enablers of a mature global information security program, and the Global Cyber and Information Security Risk Management team furthers that value by developing the models, policies, and standards used to design, implement, and maintain information technology solutions that meet business needs while incorporating the key principles of information security. The Analyst, Cyber and Information Security Risk Management supports these processes by ensuring that cybersecurity risks associated with complex business operations are within acceptable tolerances. S/he will perform cybersecurity risk assessments, provide direction and guidance to stakeholders concerning the handling of security risks associated with assessment findings, and assist with the design of appropriate risk mitigation strategies.
The role of the Analyst, Cyber and Information Security Risk Management demands business insight, decisiveness, tact, courage, relationship management skills, technical acuity, sound professional judgment, and the ability to effectively communicate with audiences at all levels, both inside and outside of the organization.
• Collaborate with information technology and other business unit personnel to identify cybersecurity risks associated with current and planned projects.
• Perform assessments of external party information security controls to ensure they meet or exceed the information security risk management requirements for the services to be provided.
• Determine information security risk profiles for various vendor and business partner services using questionnaires, relevant industry best practices and standards, and knowledge of policies.
• Recommend solutions to eliminate, reduce, or mitigate cybersecurity risk, and communicate said solutions to external parties and/or internal business stakeholders as appropriate.
• Provide direction and guidance as needed to internal project stakeholders concerning statutory, regulatory, policy and program requirements.
• Record pertinent documentation and communications for all assessments in online information technology risk management platform.
• Report status of engagements to Global Cyber and Information Security management, project managers, and other business stakeholders as appropriate.
• Assist in enforcing information security policies, standards and procedures. Review requests for exceptions to security policies and provide recommendations to management.
• Research and advocate new technologies, architectures, and products that will support security requirements for the enterprise and its customers, business partners, and vendors.
• Perform other cybersecurity risk management tasks as assigned.
Skills & Requirements
• 3+ years of cybersecurity risk management, IT security control design, and/or IT security control design audit experience.
• Bachelor’s degree in information systems, computer science, or related field preferred.
• Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) credentials preferred. Global Information Assurance Certification Security Essentials (GSEC), CompTIA Security+, or similar credentials considered.
• Basic knowledge of industry frameworks, regulations, legislation, and audit methodologies, including SOC 1, SOC 2, ISO 27000, SIG, CAIQ, NIST Cybersecurity Framework, Sarbanes-Oxley (SOX), PCI-DSS, GDPR, and various federal and state privacy laws.
• Ability to broker complex discussions to achieve the proper balance between business needs and cybersecurity best practices.
• Ability to influence others through persuasion to arrive at desired outcomes.
• Ability to communicate effectively with a broad range of people and roles, including vendors, information technology professionals, and other business personnel.
• Ability and desire to seize the initiative, work proactively, and perform assigned duties in a highly independent manner.
Benefits/Other Compensation
This position is a contract/temporary role where Hays offers you the opportunity to enroll in full medical benefits, dental benefits, vision benefits, 401K and Life Insurance ($20,000 benefit).
Why Hays?
You will be working with a professional recruiter who has intimate knowledge of the industry and market trends. Your Hays recruiter will lead you through a thorough screening process in order to understand your skills, experience, needs, and drivers. You will also get support on resume writing, interview tips, and career planning, so when there’s a position you really want, you’re fully prepared to get it.
Nervous about an upcoming interview? Unsure how to write a new resume?
Visit the Hays Career Advice section to learn top tips to help you stand out from the crowd when job hunting.
Hays is committed to building a thriving culture of diversity that embraces people with different backgrounds, perspectives, and experiences. We believe that the more inclusive we are, the better we serve our candidates, clients, and employees. We are an equal employment opportunity employer, and we comply with all applicable laws prohibiting discrimination based on race, color, creed, sex (including pregnancy, sexual orientation, or gender identity), age, national origin or ancestry, physical or mental disability, veteran status, marital status, genetic information, HIV-positive status, as well as any other characteristic protected by federal, state, or local law. One of Hays’ guiding principles is ‘do the right thing’.
We also believe that actions speak louder than words.
In that regard, we train our staff on ensuring inclusivity throughout the entire recruitment process and counsel our clients on these principles. If you have any questions about Hays or any of our processes, please contact us.
In accordance with applicable federal, state, and local law protecting qualified individuals with known disabilities, Hays will attempt to reasonably accommodate those individuals unless doing so would create an undue hardship on the company. Any qualified applicant or consultant with a disability who requires an accommodation in order to perform the essential functions of the job should call or text 813.336.5570.
Drug testing may be required; please contact a recruiter for more information.
#LI-DNI
Applicants must be legally authorized to work in the United States. Sponsorship not available.
Our client is seeking a Analyst, Cyber And Information Security Risk Management in Greenboro, NC.
Role Description
Our retail, outdoor client recognizes the value that formal cybersecurity risk management processes provide to the company as key enablers of a mature global information security program, and the Global Cyber and Information Security Risk Management team furthers that value by developing the models, policies, and standards used to design, implement, and maintain information technology solutions that meet business needs while incorporating the key principles of information security. The Analyst, Cyber and Information Security Risk Management supports these processes by ensuring that cybersecurity risks associated with complex business operations are within acceptable tolerances. S/he will perform cybersecurity risk assessments, provide direction and guidance to stakeholders concerning the handling of security risks associated with assessment findings, and assist with the design of appropriate risk mitigation strategies.
The role of the Analyst, Cyber and Information Security Risk Management demands business insight, decisiveness, tact, courage, relationship management skills, technical acuity, sound professional judgment, and the ability to effectively communicate with audiences at all levels, both inside and outside of the organization.
• Collaborate with information technology and other business unit personnel to identify cybersecurity risks associated with current and planned projects.
• Perform assessments of external party information security controls to ensure they meet or exceed the information security risk management requirements for the services to be provided.
• Determine information security risk profiles for various vendor and business partner services using questionnaires, relevant industry best practices and standards, and knowledge of policies.
• Recommend solutions to eliminate, reduce, or mitigate cybersecurity risk, and communicate said solutions to external parties and/or internal business stakeholders as appropriate.
• Provide direction and guidance as needed to internal project stakeholders concerning statutory, regulatory, policy and program requirements.
• Record pertinent documentation and communications for all assessments in online information technology risk management platform.
• Report status of engagements to Global Cyber and Information Security management, project managers, and other business stakeholders as appropriate.
• Assist in enforcing information security policies, standards and procedures. Review requests for exceptions to security policies and provide recommendations to management.
• Research and advocate new technologies, architectures, and products that will support security requirements for the enterprise and its customers, business partners, and vendors.
• Perform other cybersecurity risk management tasks as assigned.
Skills & Requirements
• 3+ years of cybersecurity risk management, IT security control design, and/or IT security control design audit experience.
• Bachelor’s degree in information systems, computer science, or related field preferred.
• Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) credentials preferred. Global Information Assurance Certification Security Essentials (GSEC), CompTIA Security+, or similar credentials considered.
• Basic knowledge of industry frameworks, regulations, legislation, and audit methodologies, including SOC 1, SOC 2, ISO 27000, SIG, CAIQ, NIST Cybersecurity Framework, Sarbanes-Oxley (SOX), PCI-DSS, GDPR, and various federal and state privacy laws.
• Ability to broker complex discussions to achieve the proper balance between business needs and cybersecurity best practices.
• Ability to influence others through persuasion to arrive at desired outcomes.
• Ability to communicate effectively with a broad range of people and roles, including vendors, information technology professionals, and other business personnel.
• Ability and desire to seize the initiative, work proactively, and perform assigned duties in a highly independent manner.
Benefits/Other Compensation
This position is a contract/temporary role where Hays offers you the opportunity to enroll in full medical benefits, dental benefits, vision benefits, 401K and Life Insurance ($20,000 benefit).
Why Hays?
You will be working with a professional recruiter who has intimate knowledge of the industry and market trends. Your Hays recruiter will lead you through a thorough screening process in order to understand your skills, experience, needs, and drivers. You will also get support on resume writing, interview tips, and career planning, so when there’s a position you really want, you’re fully prepared to get it.
Nervous about an upcoming interview? Unsure how to write a new resume?
Visit the Hays Career Advice section to learn top tips to help you stand out from the crowd when job hunting.
Hays is committed to building a thriving culture of diversity that embraces people with different backgrounds, perspectives, and experiences. We believe that the more inclusive we are, the better we serve our candidates, clients, and employees. We are an equal employment opportunity employer, and we comply with all applicable laws prohibiting discrimination based on race, color, creed, sex (including pregnancy, sexual orientation, or gender identity), age, national origin or ancestry, physical or mental disability, veteran status, marital status, genetic information, HIV-positive status, as well as any other characteristic protected by federal, state, or local law. One of Hays’ guiding principles is ‘do the right thing’.
We also believe that actions speak louder than words.
In that regard, we train our staff on ensuring inclusivity throughout the entire recruitment process and counsel our clients on these principles. If you have any questions about Hays or any of our processes, please contact us.
In accordance with applicable federal, state, and local law protecting qualified individuals with known disabilities, Hays will attempt to reasonably accommodate those individuals unless doing so would create an undue hardship on the company. Any qualified applicant or consultant with a disability who requires an accommodation in order to perform the essential functions of the job should call or text 813.336.5570.
Drug testing may be required; please contact a recruiter for more information.
#LI-DNI
Analyst, Cyber and Information Security Risk ManagementJOB_535845411809872025-11-212026-02-20
JOB_53584541180987