Description
Position Description:
We are seeking a highly skilled Cybersecurity Risk Analyst to assess and manage risks related to third-party vendors, technology systems, and enterprise-wide security. The ideal candidate will conduct Threat Risk Assessments (TRA), develop risk management policies, and implement a comprehensive Third-Party Risk Management (TPRM) program. This role requires strong analytical skills, knowledge of industry-standard frameworks, and the ability to collaborate with key stakeholders to enhance cybersecurity resilience.
Your future duties and responsibilities:
Key Responsibilities:
• Threat Risk Assessments of Vendors and Products: Evaluate the security posture of vendors and their products, categorize based on criticality, review security documentation, and conduct risk assessments. Document findings, provide mitigation recommendations, and present results to stakeholders.
• Threat Risk Assessments of Technology Systems and Architecture: Assess security risks in technology systems and architectures through threat modeling, system classification, access control evaluation, and risk documentation. Work with IT and development teams to implement security controls.
• Risk Management Policies and Procedures: Develop and refine risk management policies and guidelines, identifying gaps and aligning with industry standards. Document governance methodologies, create templates for risk assessments, and support risk management tool implementation.
• Third-Party Risk Management (TPRM) Program: Enhance third-party risk assessment frameworks, establish security requirements, and implement monitoring mechanisms. Support the selection of platforms for centralized TPRM control and reporting, ensuring continuous risk monitoring.
• Enterprise Threat Risk Assessment: Conduct comprehensive assessments of internal and external threats, evaluate security controls, and perform business impact analyses. Develop actionable risk treatment plans and present findings to executive management for strategic decision-making.
Required qualifications to be successful in this role:
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Minimum 5 years of experience in cybersecurity risk management, vendor assessments, or enterprise security.
• Strong knowledge of industry frameworks such as NIST, ISO 27001, CIS Controls, and SOC 2.
• Experience conducting Threat Risk Assessments (TRA) and business impact analyses.
• Familiarity with third-party risk management (TPRM) programs and vendor security assessments.
• Expertise in threat modeling, risk evaluation methodologies, and compliance auditing.
• Proficiency in risk reporting tools and governance frameworks.
• Excellent communication and stakeholder management skills.
• Ability to work independently and collaboratively in a fast-paced environment.
Preferred Certifications:
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified in Risk and Information Systems Control (CRISC)
• Certified Information Systems Auditor (CISA)
Skills:
- Identity and Access Mgt (IAM)
What you can expect from us:
Together, as owners, let’s turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.
Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
At CGI, we recognize the richness that diversity brings. We strive to create a work culture where all belong and collaborate with clients in building more inclusive communities. As an equal-opportunity employer, we want to empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process, please let us know. We will be happy to assist.
Come join our team—one of the largest IT and business consulting services firms in the world.