Technical Risk Analyst - Cybersecurity - Hybrid

• This position is hybrid with the expectation to report onsite a minimum of 3 days per week, which is located in Vienna, Virginia or Pensacola, Florida.

The Technical Risk Analyst is responsible for identifying, assessing, and mitigating technical risks, cyber threats, and ensuring operational resilience. This role focuses on safeguarding our client's organization against technical risks.

The analyst works with cross-functional teams to identify, assess, and mitigate risks related to the organization's technology infrastructure, applications, and data. They assist in developing and implementing risk management strategies, perform risk assessments, and ensure compliance with internal and external standards.

This position requires growing an understanding of business needs and objectives. The analyst will solve a range of mostly straightforward problems with some increased scope and complexity. This is a developing professional role requiring basic skill set and proficiency with procedures and techniques.

Key Responsibilities:

• Conduct risk assessments and vulnerability analyses on existing and new technologies
• Collaborate with IT and security teams to identify potential risks and develop mitigation strategies
• Monitor and analyze security incidents and trends to improve risk management practices
• Assist in the development and implementation of risk management policies and procedures
• Stay updated on industry regulations, standards, and best practices related to information security and risk management
• Participate in audits and compliance assessments to ensure adherence to relevant regulations
• Provide regular reports to senior management and stakeholders on risk findings, trends, and risk mitigation efforts
• Work with internal teams to promote risk awareness and drive a culture of risk management across the organization
• Assist with the management of external vendors and service providers to ensure third party risks are adequately managed

Qualifications:

• Experience in risk analysis, information security, or a related area
• Experience with risk assessment frameworks (e.g., NIST, ISO 27001)
• Excellent communication skills, both verbal and written
• Experience with information technology, cybersecurity, network infrastructure, and cloud computing
• Knowledge of risk management frameworks and regulatory requirements like ISO 27001, NIST, or COBIT
• Strong analytical skills to assess risks and determine appropriate mitigation strategies
• Ability to interpret technical data and assess its impact on business operations
• Verbal and written communication skills to report on risk findings and collaborate with cross-functional teams
• Ability to identify potential technical risks and propose practical solutions for risk mitigation
• Strong attention to detail in evaluating risk factors, control measures, and compliance issues
• Bachelor's degree in Computer Science, Information Technology, Risk Management, or a related field or equivalent combination of training, education and experience.

CC Pace is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, or any other protected characteristic under federal, state, or local laws.

CC Pace are committed to employing only candidates who are legally authorized to work in the United States. For us to comply with the Immigration Reform and Control Act of 1986, all new employees, as a condition of employment, must complete the Employment Eligibility Verification Form I-9 and provide documentation that establishes identity and authorization to work. E-Verify will be used for employment verification as part of your onboarding process.

CC Pace values integrity throughout our hiring process. As part of our standard verification procedures, candidates will be asked to provide documentation confirming employment history, education, and work authorization.