Security Risk Analyst

Job Description for the role. Position Overview:We are seeking a Security Risk Analyst with 2 years of experience to join our cybersecurity team. The ideal candidate will be responsible for conducting risk assessments, identifying vulnerabilities, analysing security controls, and ensuring compliance with industry frameworks. This role requires strong analytical skills, attention to detail, and the ability to work collaboratively with IT, security, and business teams.
Key Responsibilities:Conduct IT security risk assessments across infrastructure, applications, and networks.Identify assets, threats, vulnerabilities, and risk impact, ensuring a structured risk scoring approach.Evaluate and prioritize risks based on business impact and security policies.Ensure compliance with ISO 27001, NIST, SOC 2, GDPR, and other relevant security frameworks.Assist in internal and external security audits, documenting findings and remediation plans.Maintain and update risk policies, procedures, and compliance checklists.Work with security teams to monitor threats, analyse vulnerabilities, and track remediation efforts.Support security operations in incident response, Security investigations, and security reviews.Assist in developing mitigation strategies for identified risks and vulnerabilities.Work closely with IT, network, compliance, and business teams to integrate risk management strategies.Provide risk recommendations and security awareness training to stakeholders.Develop and present risk reports, dashboards, and remediation plans to leadership.Contribute to enhancing risk assessment methodologies and automation workflows.Identify gaps in security processes and suggest improvements for better risk visibility.
Qualifications:Bachelor’s degree in computer science, Information Security, Cybersecurity, Risk Management, or a related field.Excellent analytical and problem-solving skills.While certifications are not typically expected from entry-level candidates, obtaining foundational certifications can demonstrate commitment and enhance knowledge. Consider certifications such as:CompTIA Security+Certified Ethical Hacker (CEH) - entry-level versionStrong attention to detail and ability to prioritize tasks effectively.Good communication skills, both verbal and written, for preparing reports, documentation, and presenting findings to stakeholders.Collaboration and teamwork abilities to work effectively with cross-functional teams and stakeholders.Critical thinking and decision-making skills to assess complex security risks and recommend appropriate mitigation strategies.