Information Security Risk Management Analyst

Support the development and execution of the enterprise technology risk governance framework

Enhance and maintain IT risk management processes across people, process, and technology

Develop and report on key risk indicators (KRIs), KPIs, and SLAs for technology and information security risks

Prepare clear, executive-level reporting and presentations for senior leadership and C-suite audiences

Maintain and manage the IT risk register within the GRC platform (e.g., OneTrust, AuditBoard or similar)

Conduct Security Threat and Risk Assessments (STRAs) for new initiatives and technology implementations

Participate in third-party and supply chain cybersecurity risk assessments (TPRM)

Advise business and technology teams on risk mitigation strategies and compensating controls

Promote a strong risk-aware culture across the organization