Cybersecurity Risk Analyst
ECLARO · Manassas, VA · 1 wk ago
On-siteSales$67–$70/hrOther
Responsibilities
- Evaluate new and prospective vendors through structured cybersecurity risk assessments.
- Serve as the primary SME and platform administrator for TPRM solution (SAFe).
- Maintain and continuously update the enterprise vendor inventory.
- Execute structured vendor onboarding workflows.
- Monitor and triage automated vendor security alerts.
- Manage vendor offboarding procedures.
- Conduct periodic reassessments and ongoing monitoring of in-scope vendors.
- Develop and maintain Power BI dashboards and reports for leadership.
- Support Insider Threat program by monitoring behavioral risk indicators.
- Aid in the preparation of cybersecurity governance artifacts.
- Generate periodic cyber risk reports for IT leadership.
- Build and maintain Power BI dashboards for governance and risk metrics.
- Participate in risk assessment activities and support internal control evaluations.
- Design and develop custom cybersecurity awareness training content.
- Assist in the scheduling and deployment of training across the organization.
- Analyze phishing simulation campaign results.
- Build and maintain Power BI dashboards for cybersecurity awareness metrics.
- Assist in Disaster Recovery (DR) coordination and reporting.
- Design, build, and maintain dedicated SharePoint sites and pages.
- Embed and publish Power BI reports into SharePoint pages.
- Create audience-specific SharePoint pages.
- Establish and enforce a publishing cadence for dashboard refreshes.
- Apply SharePoint governance best practices.
- Coordinate with IT infrastructure and Microsoft 365 administrators.
- Communicate within the assigned department and with other departments.
- Participate in staff meetings and monitor and revise strategies.
- Provide high-quality customer service to external customers.
Qualifications
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Risk Management, or a closely related field.
- Minimum 3-5 years of progressive experience in cybersecurity, IT risk management, or a related GRC discipline.
- Demonstrated experience operating or administering a formal TPRM program or third-party risk platform.
- Proven ability to build Power BI reports and dashboards.
- Experience developing and delivering cybersecurity awareness training and reporting program metrics.
- Familiarity with Disaster Recovery planning and tabletop exercises.
- Power BI Report & Dashboard Development, Vendor Risk Assessment & Lifecycle Management, TPMR Platform Administration, GRC Documentation & Control Mapping, Security Questionnaire Evaluation, Phishing Simulation Analysis & Reporting, Cyber Awareness Metrics Tracking & Presentation, DR Test Planning, Facilitation & Post-Exercise Reporting, Insider Threat Monitoring Support, Advanced Microsoft Excel, Executive-Ready PowerPoint Presentations, SharePoint Site Management, Clear written & verbal communication at all org levels, Executive-Level Risk Storytelling & Data Narration, Cross-Functional Stakeholder Engagement, Analytical Thinking & Risk Prioritization, Project Coordination & Deadline Management, Detail Orientation & Documentation Discipline, Ability to manage multiple concurrent workstreams, Vendor Relationship Professionalism, Collaborative team player with independent initiative, Adaptability in a fast-paced utility environment, Continuous learning mindset in evolving threat landscape, SharePoint site design and intranet page development.