Macpower Digital Assets Edge

Compensation

Full Description

Job Locations: Dallas, TX | Tampa, FL | Jersey City, NJ Note: Preference will be given to candidates with prior experience in the Financial Services Industry. Position Summary: The Information Risk Analyst/Cybersecurity Risk Analyst will be responsible for developing risk assessment questionnaires, conducting risk assessments for applications (on-premises and cloud), infrastructure (on-premises and cloud), and vendors, in accordance with a defined risk framework. These assessments will be executed through a formalized risk assessment program. The role involves identifying risks related to how business and technology teams utilize IT systems and supporting technological infrastructure. Key Responsibilities • Conduct research on technology security, cybersecurity best practices, and develop risk assessment questionnaires. • Plan and perform risk assessments following the organization's methodology, documenting and communicating control deficiencies in business processes and technology systems. • Collaborate with Enterprise IT to address cybersecurity risk findings, new initiatives, and ad hoc processes, covering areas such as databases, operating systems, networking devices, storage systems, and cloud solutions. • Provide risk remediation recommendations to business and technology teams to mitigate identified control gaps. • Clearly articulate risks in a way that is understandable to both business and technology stakeholders. • Evaluate management responses to ensure remediation plans effectively address identified risks. • Prepare assessment reports and dashboards for IT owners. • Maintain risk documentation within the designated risk register. • Guide business and technology teams through policy exception and risk acceptance processes. • Contribute to the continuous improvement of the risk assessment process. Required Experience • 5+ years of experience in risk assessment within application security, infrastructure security, or vendor risk management. • Experience in the Financial Services Industry is preferred but not mandatory. • Strong understanding of Information Risk Management best practices. • Technical proficiency in cybersecurity concepts and IT systems . Required Knowledge & Skills • Strong technical knowledge of infrastructure, networks, databases, and systems and their impact on cybersecurity risk. • In-depth understanding of security methodologies, policies, and industry best practices . • bility to rticulate technical concepts effectively to both technical and non-technical audiences. • Strong analytical and critical thinking skills . • Excellent presentation skills (MS PowerPoint). • Proficiency in data manipulation using MS Excel. • bility to build consensus, influence decision-making , and foster collaboration across teams. • Strong written and verbal communication skills . • Exceptional organizational skills with the ability to adapt to a dynamic work environment. • Sound business judgment and ability to engage with all levels of management. Education & Certifications: • Bachelor's degree preferred . • Relevant industry certifications such as CISSP, CISM, CRISC, or CCSP are preferred.