Jobs · OTHR · Florida

Cyber Risk Assessor III

Seminole Hard Rock Support Services · Davie, FL · 3 days ago
OTHRFull-time

Job Description

The Cyber Risk Assessor III leads cybersecurity risk assessments, control evaluations, and policy oversight across the organization's Governance, Risk, and Compliance program. This strategic role identifies and assesses risks, evaluates control effectiveness, drives regulatory and framework alignment, and strengthens governance processes organization-wide.

Key Responsibilities

  • Lead cybersecurity risk assessments for systems, applications, business processes, and third-party

  • Evaluate and assess the risk of cybersecurity issues, findings, and their potential impact to the organization

  • Oversee and maintain the Cybersecurity risk register with clear ownership, accountability, and tracking

  • Develop mitigation strategies, compensating controls, and risk-based remediation plans with business and technical stakeholders

  • Monitor and report on risk trends, control effectiveness, compliance status, and remediation progress for leadership and stakeholders

  • Establish and track key risk indicators (KRIs) and report on risk trends, control effectiveness, and remediation progress to senior leadership

  • Proactively identify, track, and escalate top organizational cybersecurity risks to leadership

  • Lead the development, documentation, and continuous improvement of security and GRC processes to strengthen governance, consistency, and operational effectiveness

  • Lead the development, review, and maintenance of cybersecurity policies, standards, procedures, and related governance documentation

  • Support security awareness, governance communications, and continuous improvement initiatives across the GRC program

  • Lead and influence cross-functional engagement with IT, Cybersecurity, Audit, Legal, Privacy, and business teams

  • Develop and deliver executive-level cybersecurity risk reports for senior management and board-level stakeholders, highlighting critical risks and mitigation strategies

  • Communicate complex technical and risk information effectively to both technical and non-technical audiences

  • Present risk assessments, findings, and strategic recommendations to executive leadership and board committees

  • Lead and facilitate risk workshops and training sessions to promote risk-aware culture

Required Qualifications

  • 7+ years of progressive experience in cybersecurity, Governance, Risk, and Compliance (GRC), or information security

  • Demonstrated experience leading enterprise-level risk assessments and governance programs

  • Deep expertise in risk assessment methodologies and control evaluation concepts

  • Proven experience developing policies, standards, procedures, and governance documentation

  • Experience assessing risk of cybersecurity issues and developing remediation strategies

  • Experience conducting technical risk assessments and security architecture reviews

  • Proven experience leading and managing cybersecurity maturity assessments

  • Comprehensive knowledge across all cybersecurity domains including infrastructure security, network security, application security, cloud security, identity and access management, data protection, endpoint security, security operations, and emerging technologies such as artificial intelligence

  • Current knowledge of the threat landscape and attack vectors

  • Strategic thinking and ability to translate technical vulnerabilities into business risk and impact

  • Excellent analytical skills with ability to synthesize complex information into actionable insights

  • Superior written and verbal communication and report-writing capabilities

  • Proven ability to influence and drive outcomes without direct authority across all organizational levels

  • Critical thinking and problem-solving abilities

  • Demonstrated leadership in mentoring and developing team members

Skills & Competencies

  • Strategic thinking and ability to translate technical vulnerabilities into business risk and impact

  • Excellent analytical skills with ability to synthesize complex information into actionable insights

  • Superior written and verbal communication and report-writing capabilities

  • Proven ability to influence and drive outcomes without direct authority across all organizational levels

  • Critical thinking and problem-solving abilities

  • Demonstrated leadership in mentoring and developing team members

Preferred Qualifications

  • Certifications CISSP (Certified Information Systems Security Professional)

  • CRISC (Certified in Risk and Information Systems Control)

  • CISA (Certified Information Systems Auditor)

  • CISM (Certified Information Security Manager)

  • ISO 27001 Lead Auditor or Lead Implementer

  • FAIR Certification

  • PCI QSA or ISA

Additional Experience

  • Experience with GRC platforms (E.g., Onspring, ServiceNow GRC, Archer, OneTrust, Vanta, Drata)

  • Background in regulated industries (gaming, financial services retail)

  • Bachelor’s degree in Computer Science, Information Security, Cyber Risk Management, or related field (Master's preferred)

Similar jobs

Cyber Risk Assessor III

Seminole Hard Rock Support ServicesDavie, FL· 4 wk ago
Information Technologyapply on seminolehardrock.wd503.myworkdayjobs.com

Cyber Security Analyst III

Abacus Technology CorporationSumter, SC· 3 mo ago
Information Technologyapply on careers-abacustech.icims.com