Job Title

To Apply for this Job Click Here Job Summary:Heitmeyer has banking client that has a need within their Information Security team for a Junior Cybersecurity Risk Analyst who can perform risk assessments within the environment to identify, assess, track and advise on information security risks. This individual will be part of the 2nd line of defense in securing the information security environment across the firm. The role is open to fully remote work; however, must align to preferred state options - AR, OK, KS, MO, TX, FL, TN, GA, NC. Job Description:The Junior Cybersecurity Risk Analyst will conduct risk assessments to proactively identify issues while working to manage control exceptions and work with Technology, LOB and Operation partners to address those gaps and work to manage control exceptions while helping to implement compensating and mitigating controls. Top Required Skills: 2+ years of experience in information security risk management with background in executing risk assessments, analyzing results, and facilitating remediation actions. Basic understanding of cybersecurity frameworks (NIST 800-53, NIST"‘CSF, ISO 27001). Working knowledge of common security controls, threat landscapes, and IT processes. Experience managing security control exceptions, including documentation, analysis, and lifecycle tracking. Ability to communicate risk concepts clearly to both technical and non"‘technical stakeholders. Good interpersonal skills and the ability to collaborate cross"‘functionally with business and technology stakeholders. Nice"‘to"‘have: Certifications such as Security+ (CompTIA), CRISC, CISM, or CISSP are nice to have. Background within financial services would be beneficial but not required. Hands"‘on experience with GRC tools, particularly RSA Archer. Top Responsibilities: Serve as a key second line of defense partner, supporting the enterprise information security risk management program and conducting risk assessments to proactively identify issues. Analyze and review security control exceptions, assess risk impact, and support the documentation of compensating and mitigating controls. Track exception lifecycles, ensuring timely remediation or re"‘assessment, and facilitate upper management reviews and escalations as needed. Partner with first line technology teams and business units to advise on remediation plans and provide guidance on risk mitigation strategies. Facilitate and lead stakeholder meetings to drive the resolution of information security control gaps. Ensure GRC platform (e.g., RSA Archer) is used effectively for exception tracking, reporting, and compliance monitoring. Conduct periodic risk assessments using frameworks such as NIST, NIST"‘CSF, ISO 27001, and others as needed. Assist in the development of proactive strategies for risk reduction and control maturity improvement. Support incident response follow"‘ups and ensure identified weaknesses are addressed and tracked. Collaborate with internal audit, compliance, and enterprise risk management to ensure alignment of risk reporting and remediation activities. Heitmeyer Consulting is an equal opportunity employer, and we encourage all qualified candidates to apply. Qualified applicants will be considered without regard to minority status, gender, disability, veteran status or any other characteristic protected by law. To Apply for this Job Click Here #J-18808-Ljbffr