Risk Management Analyst

Bachelor’s degree in Information Security, Computer Science, Risk Management, or a related field (or equivalent experience) 5+ years of experience in risk management, compliance, or information security Knowledge of risk management and compliance frameworks (NIST, ISO 27001, SOC 2, HIPAA, or PCI DSS) Experience with GRC tools (e.g., Archer, ServiceNow, or similar) preferred Strong analytical, problem-solving, and organizational skills Excellent communication skills Demonstrated ability to balance risk mitigation with business objectives Familiarity with cloud environments (AWS, Azure) is a plus Certifications such as CRISC, CISSP, CISM, or GRCP preferred or in progress

Conduct ongoing enterprise risk assessments Manage the risk transfer program (insurance) Maintain and update risk registers Support audits, regulatory reviews, and compliance assessments Partner with internal stakeholders to evaluate controls Monitor and report on key risk indicators (KRIs) Assist in developing and maintaining policies and procedures Support third-party/vendor risk management Stay current on emerging regulatory requirements and risk trends Collaborate with IT, compliance, and operations teams