
Information Security Risk Analyst

Job

Selby Jennings

Winston-Salem, NC (In Person)

Full-Time

Posted 2 days ago (Updated 11 hours ago) • Actively hiring

Expires 7/4/2026


Job Description

Position Overview

We are seeking an Information Security Risk Analyst to support enterprise-wide information security risk assessment and monitoring activities. This role reports to senior risk leadership and is responsible for identifying, assessing, monitoring, and communicating information security risks across technology platforms, products, services, and third parties.

Key Responsibilities

- Conduct information security risk assessments across the organization to identify, evaluate, quantify, and manage risks throughout the lifecycle of systems, products, and services.
- Contribute to and enhance a continuous information security risk monitoring program.
- Prepare executive- and management-level reporting, including risk metrics (KRIs/KPIs), risk profiles, program status updates, and risk acceptance documentation.
- Perform periodic and ad-hoc testing or reviews to validate the effectiveness of information security controls.
- Escalate identified risks and control deficiencies to appropriate stakeholders and leadership.
- Partner with technology, security, and business teams to assess risks associated with technology-enabled initiatives.
- Perform third-party and vendor security risk assessments, including:
  - Review of vendor security controls and practices
  - Analysis of security testing reports
  - Development and assessment of security requirements
  - Support for residual risk management
- Maintain awareness of emerging technologies, information security risks, industry best practices, and regulatory requirements.

Required Qualifications

- Bachelor's degree in a related field such as risk management, information systems, business, finance, economics, or similar discipline.
- 2-3 years of experience performing risk assessments (e.g., RCSA or similar).
- Ability to work closely with technical teams and translate risk concepts between technical and non-technical stakeholders.
- Understanding of risk appetite, tolerance, and how business or technology changes affect risk profiles.
- Ability to track and communicate regulatory or emerging risk impacts to management.

Preferred Qualifications

- Exposure to IT governance frameworks (e.g., COBIT, ITIL, FFIEC, COSO, or similar).
- Strong analytical and problem-solving skills.
- Comfortable working independently while collaborating across teams and organizational levels.
- Proactive, detail-oriented, and capable of exercising sound judgment in risk-based decision-making.