Jobs via Dice
Senior Information Security Risk Analyst
Jobs via Dice, Oakland, California, United States, 94616
Senior Information Security Risk Analyst
Dice is the leading career destination for tech experts at every stage of their careers. Our client, Enexus Global, is seeking a resource local to the Bay Area. Travel to the Oakland office 1–2 days a week.
Role Summary We are seeking a Senior Information Security Risk Analyst to support the review, update, and risk assessment of enterprise cybersecurity standards. This role will be central to facilitating cross‑functional stakeholder engagement, evaluating technical and operational impact, documenting risk decisions, and guiding standards through the established change management process.
Key Responsibilities
Facilitate the review of the lifecycle of cybersecurity standards.
Conduct and document business impact assessments (BIA) for proposed updates to the cybersecurity standards, focusing on operational, compliance, and support implications.
Partner with SMEs in Cybersecurity, IT, Compliance, and Audit to validate revisions.
Coordinate and document working sessions, gathering stakeholder feedback and aligning final decisions.
Draft, edit, and version‑control cybersecurity operational and technical standards documentation.
Maintain clear and audit‑ready documentation of change rationale, versioning, and governance approvals.
Support communication and training coordination planning for standards with operational impact.
Track and report status across multiple concurrent standards updates.
Ensure all work aligns with Cybersecurity Standards Management Platform processes and NIST CSF‑aligned control frameworks.
Required Skills & Experience
7+ years in information risk management, standards governance, or IT compliance roles.
Strong understanding of IT infrastructure, enterprise operations, and risk impact assessment methodologies.
Experience conducting or supporting business impact assessments (BIA) (technical and business).
Proficient in project facilitation, stakeholder engagement, and governance coordination.
Excellent technical writing skills for standards, procedures, and governance risk documentation.
Working familiarity with frameworks such as NIST CSF, NIST 800‑53, ISO 27001, or CIS Controls.
Experience using tools like SharePoint or GRC platforms.
PMP, CISSP, CRISC, or similar certification is a plus.
Ideal Candidate Profile
Able to translate standards changes into operational and risk‑oriented impacts.
Comfortable working independently while coordinating across multi‑disciplinary teams.
Strong attention to detail and strong organizational skills and commitment to documentation quality and follow through.
Thrives in a structured, process‑ and governance‑driven environment.
Seniority level Mid‑Senior level
Employment type Full‑time
Job function Information Technology
Industries Software Development
#J-18808-Ljbffr
Role Summary We are seeking a Senior Information Security Risk Analyst to support the review, update, and risk assessment of enterprise cybersecurity standards. This role will be central to facilitating cross‑functional stakeholder engagement, evaluating technical and operational impact, documenting risk decisions, and guiding standards through the established change management process.
Key Responsibilities
Facilitate the review of the lifecycle of cybersecurity standards.
Conduct and document business impact assessments (BIA) for proposed updates to the cybersecurity standards, focusing on operational, compliance, and support implications.
Partner with SMEs in Cybersecurity, IT, Compliance, and Audit to validate revisions.
Coordinate and document working sessions, gathering stakeholder feedback and aligning final decisions.
Draft, edit, and version‑control cybersecurity operational and technical standards documentation.
Maintain clear and audit‑ready documentation of change rationale, versioning, and governance approvals.
Support communication and training coordination planning for standards with operational impact.
Track and report status across multiple concurrent standards updates.
Ensure all work aligns with Cybersecurity Standards Management Platform processes and NIST CSF‑aligned control frameworks.
Required Skills & Experience
7+ years in information risk management, standards governance, or IT compliance roles.
Strong understanding of IT infrastructure, enterprise operations, and risk impact assessment methodologies.
Experience conducting or supporting business impact assessments (BIA) (technical and business).
Proficient in project facilitation, stakeholder engagement, and governance coordination.
Excellent technical writing skills for standards, procedures, and governance risk documentation.
Working familiarity with frameworks such as NIST CSF, NIST 800‑53, ISO 27001, or CIS Controls.
Experience using tools like SharePoint or GRC platforms.
PMP, CISSP, CRISC, or similar certification is a plus.
Ideal Candidate Profile
Able to translate standards changes into operational and risk‑oriented impacts.
Comfortable working independently while coordinating across multi‑disciplinary teams.
Strong attention to detail and strong organizational skills and commitment to documentation quality and follow through.
Thrives in a structured, process‑ and governance‑driven environment.
Seniority level Mid‑Senior level
Employment type Full‑time
Job function Information Technology
Industries Software Development
#J-18808-Ljbffr