Job Title: Cyber security and Risk Analyst / Information Security Risk Assessment Sr. Analyst
Pay rate: $60-$70/hr on W2
Duration: 6-month contract
Location: San Jose, CA
Key Responsibilities:
- Conduct security risk assessments to identify, score and document potential risks from threats and vulnerabilities within the organization's infrastructure and applications.
- Perform control effectiveness assessments by collaborating with cross-functional teams to understand technical implementations and assess control strength.
- Communicate identified security risks and their potential impact to stakeholders, including technical and non-technical audiences.
- Track and report on the status of risk remediation efforts, ensuring timely resolution and compliance with organizational policies.
- Maintain the security risk register and ensure it is updated in a timely manner.
- Contribute to risk aggregation and risk analysis to identify top risks and areas of focus/improvement for prioritization.
- Contribute to developing detailed reports and presentations on risk assessments, including identified aggregated top risks, risk treatment progress, trending and escalation. Ensure these reports are understandable to technical and non-technical stakeholders, including senior management.
- Demonstrate a process-oriented, results-driven approach to security risk engineering, employing effective problem-solving and communication skills to serve as a subject matter expert and trusted advisor.
- Actively contribute to the administration, maintenance and process improvements of the GRC risk assessment program.
- Perform other job duties as required.
We’d love to chat if you have:
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- 5+ years of experience in security risk assessment, with a strong background in cybersecurity and risk management, and hands-on working knowledge of and experience with risk management frameworks such as NIST RMF, FAIR, and OWASP.
- Strong technical knowledge of security controls, including but not limited to access controls, encryption, network security, and vulnerability management.
- Demonstrated experience working within a GRC framework, with an understanding of regulatory and compliance requirements (e.g., PCI DSS, SOC).
- Proven ability to work collaboratively with engineering teams to assess and mitigate security risks.
- Experience with security risk remediation programs, including technical implementation and compliance considerations.
- Strong analytical and problem-solving skills, with attention to detail and accuracy.
- Strong collaboration skills, with experience working cross-functionally with IT, Engineering, and other stakeholders.
- Excellent communication skills, capable of translating technical concepts into actionable insights for both technical and non-technical stakeholders.
- Experience in identifying process improvements and enhancing operational efficiencies within security programs.
- Experience with a GRC risk management tool, including tool implementation, is a plus.
Preferred Skills:
- Experience with security assessment tools and methodologies.
- Knowledge of cloud security best practices and technologies (e.g., AWS, Azure, GCP).
- Strong project management skills with the ability to prioritize tasks and manage multiple projects simultaneously.
- Certifications like PMP, CISSP, or CISM are a plus but not required.
EQUAL EMPLOYMENT OPPORTUNITY STATEMENT:
Suna Solutions provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
Applicants with criminal histories are considered in a manner that is consistent with local, state, and federal laws.
REQUESTING AN ACCOMMODATION
Suna Solutions is committed to providing equal employment opportunities for persons with disabilities or religious observances, including reasonable accommodation when needed. If you are hired by Suna Solutions and require accommodation to perform the essential functions of your role, you will be asked to participate in our reasonable accommodation process. Accommodations made to facilitate the recruiting process are not a guarantee of future or continued accommodations once hired.
If you would like to be considered for employment opportunities with Suna Solutions and have accommodation needs for a disability or religious observance, please call us at 1 (888) 223-4788, send us an email or speak with your recruiter.
PAY TRANSPARENCY POLICY STATEMENT
Compensation for roles at Suna Solutions varies depending on a wide array of factors including but not limited to the specific client, office or remote location, role, skill set and level of experience. As required by local law, Suna Solutions provides a reasonable pay scale to include the hourly or salary range that Suna Solutions reasonably expects to pay for roles that may be hired in California, Colorado, New York City or Washington.