Cyber Risk Analyst
The Judge Group Inc.

Location: Cincinnati, OH
Description:
Overview: As an IT Risk Analyst, you will play a crucial role in our IT risk management practice, ensuring that risks are proactively identified, assessed, communicated, and monitored. Your primary responsibilities will include conducting risk assessments and generating actionable reports. Building strong relationships with leaders across the organization is essential to evaluate our enterprise risk posture and provide independent recommendations for risk mitigation in accordance with our established risk appetites.

Key Attributes: The ideal candidate is strategic, intellectually curious, and thrives in ambiguous environments. As part of our dynamic team, you will have the opportunity to shape and enhance our risk management program while enjoying autonomy and support from senior leadership.

Essential Qualifications:

• Proven experience in risk management, particularly in cyber risk assessments.
• Familiarity with cybersecurity frameworks, such as NIST-CSF.
• Proficiency with risk management tools (administrative, power user, user level).
• Ability to facilitate effective communication regarding cyber risks with both technical and non-technical stakeholders.

Core Responsibilities:

• Manage and conduct cyber risk assessments.
• Evaluate internal operational controls to ensure alignment with cyber risk treatment needs.
• Analyze and update threat and risk scenarios for effective cyber risk management.
• Communicate cyber risk findings to management and relevant stakeholders.
• Assess and refine cyber risk appetites for lines of business.
• Explore and communicate cyber risk treatment options to stakeholders.
• Educate employees on fostering a risk-aware culture.
• Adjust cyber risk scores based on available controls and treatment strategies.
• Develop cyber risk dashboards and reports that illustrate complex risk, process, and control relationships.
• Support risk management oversight during internal and external audits and regulatory examinations.

Preferred Qualifications:

• 5-10 years of experience in governance, risk, and compliance.
• Relevant certifications (CISSP, CISA, CRISC) are preferred but not mandatory.
• Previous experience as a compliance analyst in a related field.
• Strong understanding of industry compliance requirements and standards.
• Proficiency in compliance management software (e.g., Archer, ServiceNow, MetricStream).
• Ability to accurately complete compliance certification applications.
• Exceptional training and communication skills.
• Knowledge of regulatory frameworks and requirements analysis.
• Strong critical thinking, problem-solving, and project management skills.
• Familiarity with process improvement methodologies.
• Attention to detail and the ability to navigate complex scenarios.

Contact: agadkari@judge.com

This job and many more are available through The Judge Group. Find us on the web at www.judge.com

---