Cybersecurity Risk Analyst

We are partnering with a global organisation seeking a Cybersecurity Risk Analyst to join their Global Cyber & Information Security function. This role is focused on third-party/vendor risk assessments, supporting business initiatives by identifying, assessing, and mitigating cybersecurity risks while ensuring alignment with internal policies and industry standards.

Location: Denver, Colorado, USA

Experience Required

• 3+ years’ experience in cybersecurity risk management, IT security controls, or IT audit
• Proven experience conducting third-party/vendor risk assessments within enterprise environments
• Strong understanding of industry frameworks such as NIST, ISO 27001, SOC 1/2, PCI-DSS, and GDPR
• Familiarity with risk assessment methodologies and tools such as SIG, CAIQ, and audit-based approaches
• Experience reviewing and evaluating security controls, policies, and compliance documentation
• Relevant certifications such as CISSP, CISM, CISA, CRISC, or Security+ are preferred
• Ability to communicate complex security concepts clearly to both technical and non-technical stakeholders
• Strong stakeholder management skills with the ability to influence decision-making

Key Responsibilities

• Conduct detailed cybersecurity risk assessments for third-party vendors and business partners
• Review and evaluate security controls to ensure alignment with internal policies and regulatory requirements
• Develop and document risk profiles using questionnaires, frameworks, and internal standards
• Provide clear, actionable recommendations to mitigate identified risks
• Collaborate with IT, security, and business teams to support secure project delivery
• Advise stakeholders on security policies, regulatory obligations, and best practices
• Maintain accurate documentation of assessments within internal risk management platforms
• Report on risk posture, findings, and remediation progress to senior stakeholders
• Support the review and approval of security policy exceptions and provide recommendations
• Contribute to the continuous improvement of security processes, frameworks, and tools

If interested, please apply with your updated CV.