Senior Analyst, Cybersecurity Risk & Compliance
Analog Devices · Wilmington, MA · 3 wk ago
Information Technology$103k–$141k/yrFull-time
About the role
As a Senior Analyst, Cybersecurity Risk & Compliance Risk Management & IT Compliance, you will play a pivotal role in safeguarding ADI’s global operations by independently executing risk management and compliance activities across a diverse portfolio of cybersecurity and IT frameworks.
You will leverage your expertise to assess, implement, and continuously improve controls aligned with standards such as NIST CSF, SOC 2, ISO 27001, GDPR, HIPAA, FedRAMP, and export control regulations (including CMMC, ITAR, and EAR).
- Collaborate with cross-functional teams to drive risk-informed decision-making
- Support audit readiness
- Help embed a culture of compliance and security throughout the organization
Key Responsibilities
- Lead and execute risk assessments and compliance reviews across IT and business systems
- Ensure organization-wide identification and mitigation of cyber and IT risks
- Support business continuity and regulatory compliance
- Develop, implement, and monitor IT and cybersecurity controls
- Enhance overall security posture
- Ensure compliance with multiple regulatory and security frameworks
- Reduce organizational risk exposure
- Collapse coordination internal and external audits and manage third-party/vendor risk
- Maintain audit readiness
- Ensure regulatory compliance across the supply chain
- Collaborate with cross-functional teams to integrate compliance into projects and operations
- Embed risk management and compliance into business processes
- Support technology and transformation initiatives
- Prepare and deliver compliance reports and documentation
- Support executive decision-making
- Maintain ongoing audit readiness
- Develop and deliver compliance and security awareness training
- Increase organizational awareness
- Improve adherence to compliance requirements
- Monitor regulatory changes and update compliance strategies
- Reduce risk of regulatory penalties
Must-Have Skills
- IT / Cybersecurity Compliance Frameworks
- Interpret and map requirements from NIST CSF, SOC 2, ISO 27001, GDPR, HIPAA, FedRAMP, and export control regulations (CMMC, ITAR, EAR)
- Lead readiness assessments and remediation planning aligned to ADI processes
- Risk Assessment and Mitigation
- Conduct qualitative and quantitative risk assessments
- Maintain risk registers and recommend mitigation strategies
- Communicate risk insights to both technical and non-technical stakeholders
- Compliance Program Management
- Design, implement, and continuously improve compliance programs
- Coordinate policy rollout, training, monitoring, and issue management
- Ensure sustained audit readiness across business units
- Policy Development and Governance
- Author, review, and update governance policies and procedures
- Facilitate policy approvals and communicate changes
- Monitor adherence and provide policy interpretation guidance
- Control Design, Documentation, and Testing
- Design and document internal controls
- Develop and execute control testing procedures
- Prepare auditor-ready documentation and support control walkthroughs
Preferred Education and Experience
- Bachelor’s degree in Engineering, Computer Science, Cybersecurity, or a related technical field (or equivalent experience)
- Typically requires a minimum of 4+ years of relevant experience in cybersecurity risk management and IT compliance, with demonstrated expertise in multiple frameworks and regulatory environments