Third Party Cyber Risk Management Analyst

Morrisville, NC, USA

NikSoft Systems Corp.

We are searching for a Third Party Cyber Risk Analyst to support the Cybersecurity program at the United States Postal Service. The candidate will support Risk Management; System Certification & Accreditation (C&A) processes; Information Assurance (IA) processes; system ATOs; and continuous monitoring of enterprise applications. The successful candidate will experience an unparalleled large-scale enterprise environment with over 800 Information Technology systems, processing billions of dollars in annual revenue and supporting a diverse user base spread across the entire US. Join the NikSoft team to scale your career to the next level.


Must have demonstrated knowledge and experience in:

  • Designing, developing, implementing, executing, and improving third-party cyber risk management strategy and practices (public and/or private sector)
  • Adapting and implementing industry cybersecurity frameworks and standards (e.g., ISO 27001, NIST CSF, NIST 800-53, NIST 800-171, CIS 18, Zero Trust Principles, FedRAMP)
  • Assessing supply chain risk based on recognized audit reports (e.g., SOC 2 Type II) and/or questionnaire responses
  • Managing and instructing diverse teams with varying levels of subject matter expertise
  • Managing competing priorities to ensure timely completion of work
  • Communicating with cross-functional leadership and other stakeholders (especially supply chain management) on third-party risk management strategy, risk management activities, and risks
  • Learning on the job to expand knowledge for self and team members
  • Working with third party risk assessment platforms (e.g., Process Unity GRX)
  • Working with Risk Management platforms (e.g., Diligent RSAM)
  • Technical Writing
  • Contract Review and Negotiations
  • Defining clear tasks and communicating topics to leadership through concise and succinct presentations.

Nice to have:

  • Public and Private Sector experience
  • Proximity (<50 miles) to Gatehouse (Falls Church, VA) or Aerial (Morrisville, NC) for in-person activities
  • Familiarity with CyberGRX (now Process Unity GRX) and Diligent RSAM

Qualifications:

  • Bachelor's degree in Information Technology or a relevant Cybersecurity field, and 2-4 years of overall experience.
  • 10+ years of experience working as a Risk, Information Assurance, or Information Systems Security Analyst.
  • Knowledge of the NIST Risk Management Framework (RMF) and security controls is required.
  • This candidate must understand the risk management process, risk mitigation, and risk tracking.
  • Must have strong communication skills, both oral and written, with excellent interpersonal, team and organization skills.
  • A self-starter with proven abilities to collaborate and gather information from multiple teams.

***Candidates must be able to obtain a Postal Sensitive Clearance (US Citizenship or Green Card required). Additionally, candidates must not have traveled outside of the USA for a combined period exceeding 6 months within the last 5 years.***
