Full-Time

Cyber Risk Management Analyst

TPCRM focused

Posted on 11/21/2024

phia

11-50 employees

Provides cybersecurity solutions for government agencies

Cybersecurity

Mid

No H1B Sponsorship

Remote in USA

Remote position to be performed from within the United States.

US Citizenship, US Top Secret Clearance Required

Category
Cybersecurity
IT & Security
Requirements
  • 3+ years of experience in the security aspects of multiple platforms, operating systems, software, communications, and network protocols.
  • Familiarity with third-party risk assessment platforms (e.g., Process Unity GRX) and risk management platforms (e.g., Diligent RSAM).
  • Familiarity with cyber risk assessment and management frameworks, methodologies, and reporting (e.g., SOC 2 Type II) and questionnaire responses.
  • Strong understanding and practical experience in adapting and implementing industry-standard cybersecurity frameworks and standards (e.g., ISO 27001, NIST CSF, NIST 800-53, NIST 800-171, CIS 18, Zero Trust Principles, FedRAMP).
  • Excellent communication skills to effectively engage with cross-functional leadership and stakeholders, particularly in supply chain management regarding third-party risk management strategies and activities.
  • Experience in managing and instructing diverse teams with varying levels of subject matter expertise.
  • Strong organizational skills to manage competing priorities and ensure timely completion of projects.
  • Technical Writing Skills: Proficient in producing high-quality technical documentation and reports.
  • U.S. Citizenship required
  • Ability to obtain Public Trust (or higher) government clearance
  • Bachelor’s degree in Computer Science, Information Technology or Information Security or other relevant disciplines.
  • CRISC - Certified in Risk and Information Systems Control
  • CISSP - Certified Information Systems Security Professional
  • CCSK - Certificate of Cloud Security Knowledge or CCSP
  • CISA - Certified Information Systems Auditor
  • CISM - Certified Information Security Manager
Responsibilities
  • Drive the design, development, implementation, and continuous improvement of third-party cyber risk management strategies and practices across public and private sectors.
  • Champion and oversee Third Party Cyber Risk Management (TPCRM) best practices and policies.
  • Implement and adapt industry-standard cybersecurity frameworks (e.g., ISO 27001, NIST CSF, NIST 800-53, NIST 800-171, CIS 18, Zero Trust Principles, FedRAMP).
  • Conduct supply chain risk assessments using recognized audit reports (e.g., SOC 2 Type II) and questionnaire responses.
  • Collaborate with cross-functional leadership and stakeholders, particularly in supply chain management, to communicate third-party risk management strategies, activities, and identified risks.
  • Utilize third-party risk assessment platforms (e.g., Process Unity GRX) and risk management platforms (e.g., Diligent RSAM).
  • Review and make recommendations for policy and process updates, ensuring alignment with organizational risk requirements.
  • Lead and mentor diverse teams with varying levels of subject matter expertise.
  • Prioritize and manage multiple concurrent projects to ensure timely completion.
  • Produce high-quality technical documentation and reports.
  • Engage in continuous learning to expand personal knowledge and upskill team members.

phia LLC specializes in delivering tailored cyber assessments, proactive cybersecurity operations, security engineering, and advisory services, leveraging threat intelligence, operational realities, and industry best practices to counter advanced cyber threats for mission-critical teams within various government agencies. The company's main product focuses on providing sophisticated cyber solutions through intelligence-driven approaches and industry standards, utilizing a variety of frameworks informed by threat intelligence and operational realities.

Company Stage

N/A

Total Funding

N/A

Headquarters

Louisville, Kentucky

Founded

2011

Simplify's Take

What believers are saying

  • Rising demand for zero-trust security models boosts Phia's market potential.
  • Growing interest in AI-driven threat detection enhances Phia's service offerings.
  • Expansion in healthcare cybersecurity services opens new market opportunities for Phia.

What critics are saying

  • AI in cyber attacks requires Phia to constantly update defenses.
  • Quantum computing threatens current encryption, demanding rapid innovation from Phia.
  • Shortage of skilled professionals challenges Phia's ability to maintain security teams.

What makes phia unique

  • Phia offers a comprehensive suite of cybersecurity and intelligence services.
  • The company specializes in AI-driven threat detection and response systems.
  • Phia is pioneering quantum computing-resistant encryption methods.

INACTIVE