Risk Analyst

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.

GuidePoint Security offers a comprehensive set of Risk services, including qualitative and quantitative cybersecurity risk assessments, development of cybersecurity risk management programs, third-party risk management program advisory and managed services, staff augmentation, business resilience services, GRC tool services, threat modeling, and other advisory services. GuidePoint Security’s Risk team's offerings are consistently evolving with the security industry and the risks that modern environments face. You will contribute your knowledge, experience, and creativity to face these challenges head-on and equip the practice for success.

As a Risk Analyst, you will use your experience to deliver world-class consulting services that provide outstanding value to clients and help them achieve their goals. Your experience will be vital to ensuring the expanded growth and success of the practice into the future.

Roles and Responsibilities:

• Serve as a dedicated cybersecurity risk management consultant supporting the client’s information security, governance, risk, and compliance (GRC) program.
• Complete client onboarding requirements, including device provisioning, account setup, and any required training.
• Review and gain familiarity with the client’s risk management stakeholders, processes, policies, historical assessments, and program objectives.
• Strong ability to work independently and multi-task on assigned projects.
• Support ongoing risk management activities, including:
• Maintaining and updating information security, GRC, and key risk indicator (KRI) metrics.
• Supporting the information security issue management process in AuditBoard.
• Documenting and inputting risks into the client’s risk register.
• Performing risk mapping to align identified risks with applicable frameworks and controls.
• Maintaining and revising risk-related policies, standards, and procedures.
• Supporting risk reporting and presentation deck updates for executive and committee reviews.
• Participating in assigned risk committees and working groups.
• Documenting processes for cybersecurity risk management to ensure repeatability and transparency.
• Deliver clean, consistent, and actionable risk reporting, leveraging PowerPoint or similar visualization tools.
• Maintain regular communication with client stakeholders, providing advisory guidance on maturing the overall risk management capability.
• Collaborate with other GuidePoint practices to ensure alignment and comprehensive client support.
• Stay current on relevant cybersecurity and risk management standards and industry best practices, incorporating them into service delivery.
• Demonstrate professionalism, adaptability, and strong self-management skills while working independently within the client environment.

Required Experience:

• 1-3 years education and/or experience in cybersecurity with at least 1 year focused on risk management and/or GRC.
• Working knowledge of risk management frameworks such as ISO 31000, ISO/IEC 27005, NIST 800-30, and FAIR.
• Familiarity with security frameworks including: NIST CSF, NIST 800-30, ISO 31000, COSO and others.
• Experience using GRC tools.
• Excellent written and verbal communication skills; able to translate complex information for both technical and executive audiences.
• Self-driven; able to manage schedules, meet deadlines, coordinate with others, perform tasks, and work independently with minimal supervision.
• Excellent project management skills, with the ability to work with multiple deadlines and priorities.
• Demonstrated ability to work independently in a client-facing consulting environment.

Preferred Experience:

• Experience with AuditBoard and comparable GRC platforms.
• Demonstrated understanding of information security policies, standards, plans, procedures, and other documentation to support customer adopted frameworks and industry standards.
• Industry certifications are preferred, such as Security+, CISA, CC(ISC2) etc.
• Coachable, adaptable, and comfortable integrating into client-specific processes and teams.

Travel Requirements:

• Any travel/on-site requirements as needed.

We use Greenhouse Software as our applicant tracking system and Zoom Scheduler for HR screen request scheduling. At times, your email may block our communication with you. Please be sure to check your SPAM folder so that you don't miss updates on your application.

Why GuidePoint?

GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 1000 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 4,200 customers.

Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.  

This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.

Some added perks….

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family) and GPS will contribute in one lump sum: ($500 per EE annually / $1000 per family annually (includes spouse/children/family options)
• Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option