Technical Security Risk & Governance Analyst

Experience in info security, risk management, audit or related technical roleRequired3YearsKnowledge of NIST CSF/800-53, CIS Controls, ISO 27001 and state policesRequiredExperience conducting technical assessments and control testing; proven ability to validate configs and interpret scan resultsRequiredExperience with data analysis and dashboarding (Excel/Power BI), concise report writing, and ability to present to senior leadershipRequiredExperience using GRC platforms; building workflows, control libraries, and risk registersRequiredExperience with risk analysis and documentation; creating practical risk treatment plans and exceptions with compensating controlsRequiredCISSP, CISM, CRISC, CGRC (CAP), Security+, CCSK/CCSP, or CISA certificationHighly desiredAWS/Azure cloud certifications are a plus