Information Security Analyst (Government, Risk & Compliance)

**Description**



+ Conduct cybersecurity risk assessments and document findings, risk ratings, and recommendations

+ Lead third-party risk assessments for vendors, suppliers, and technology partners

+ Interpret regulatory, contractual, and framework requirements and apply them to business use cases

+ Support external audits, certifications, and client-facing security assessments

+ Advise stakeholders on mitigation strategies and track remediation progress

+ Analyze the security risk of new or existing computer applications, software or services

+ Deliver cybersecurity awareness training and simulated phishing activities developed by CAS

+ Lead CAS Objectives and Key Results (OKRs), initiatives, and projects with low to moderate operational impact to the business

+ Participate in the CAS Weekly Champion rotation and enhance Champion duties defined in the CAS Weekly Champion playbook

+ All other dut...