Talent.com
Senior Risk Analyst (New York)
Senior Risk Analyst (New York)Morph Enterprise • New York, NY, United States
[error_messages.no_longer_accepting]
Senior Risk Analyst (New York)

Senior Risk Analyst (New York)

Morph Enterprise • New York, NY, United States
[job_card.variable_days_ago]
[job_preview.job_type]
  • [job_card.full_time]
[job_card.job_description]

Hybrid Work Arrangement

  • Work location : Remote Tuesdays & Fridays (3 days in office / 2 days remote)

Work Schedule

  • normal business hours, Monday through Friday (not including a mandatory unpaid meal break after 6 hours of work), 35 work hours per week.
  • if the consultant works more than 35 hours per week, the consultant must request overtime in the agency's timekeeping system and the project manager must approve those hours worked above the weekly maximum.

    • Job Description

    Justification :

  • As client continues to advance our cybersecurity posture, it is essential that we have analysts dedicated to managing and execution of governance, risk, and compliance functions on behalf of the CISO and senior level executives.
  • The Senior Risk Analysts will be responsible for implementing tools and practices to enhance processes related to third-party risk management, risk assessment, and general cyber risk governance.
  • The position requires a diverse background in governance, risk, and compliance; analysis; technology implementation; project management; and collaboration with diverse groups of stakeholders to strengthen the security posture of all agencies.
  • The Senior Risk Analysts will be expected to continue building an effective Citywide Cybersecurity risk program.
  • These analysts will be responsible for improving our risk assessment process to make it more user-centric, interviewing and communicating with agencies when performing risk assessments, and driving creation of a third-party vendor register and monitoring process.
  • Analysts will review and analyze technologies for inventorying third parties, collaborate with SMEs to collect third party intelligence and define actions based on it, and design steps for reviewing existing third parties in our portfolio.
  • Delays in onboarding practitioners with expertise in these areas will leave unaddressed gaps in our risk governance framework.
  • As clients reliance on third party vendors continues to grow it is imperative for the City to have a vendor management practice, which does not only review vendors at the front end of the procurement process but actively manages risk throughout the vendor lifecycle.
  • According to the 2025 Verizon Data Breach Investigations Report, 30% of breaches were linked to third party involvement (twice as many as in 2024).
  • Maintaining our status quo can open up the City and agencies to lawsuits or audit findings (e.g. IRS, City Comptroller).
  • If the City sustains a substantial cyber incident that results in loss of life or significant financial losses, it is not uncommon for individuals and organizations that are negatively impacted to file lawsuits against organizations that are responsible for defending / protecting critical information and critical services.
  • The City would not be able to defend itself as having exercised due diligence in the protection of data and services without the existence of and proper functioning of a mature cyber risk program.
  • Not having a user-centric risk assessment process drains resources from City agencies and the Audit & Compliance team due to questions being misunderstood.
  • This also causes inaccuracies in submitted information, which leads to risk being misevaluated and mismanaged.

    • Scope of services

    Tasks :

  • Build new risk processes and implement risk frameworks to enable better monitoring and evaluation of risks across the City;
  • Manage complex, cross-functional projects, pushing through ambiguity and challenges which may arise;
  • Work with stakeholders across various divisions, soliciting input and working through feedback;
  • Evaluate risk of third parties used by client agencies;
  • Document and track remediation of risks in the Risk Register;
  • Review and analyze various cybersecurity risk cases, justification, and exceptions documents submitted by agencies;
  • Assist in the development of cybersecurity risk assessment procedures and testing methodologies based on established frameworks and guidelines;
  • Initiating corrective actions to remediate vulnerabilities or weaknesses where necessary;
  • Engage in communications with client Agencies;
  • Handle special projects and initiatives as assigned.

    • Mandatory Skills / Experience

    Note : Candidates who do not have the mandatory skills will not be considered

  • A minimum of 4 years of experience in risk management or cybersecurity risk assessment or 4 years of experience evaluating and managing third parties in a cybersecurity team.

    • Desirable skills / experience :

  • BS / BA degree in Cybersecurity, Risk Management, Information Systems, Computer Science, or a related field.
  • One or more of the following certifications are a plus :
  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Information Security Manager (CISM)
  • CompTIA Security+
  • CompTIA Network+
  • CompTIA A+
  • CompTIA CySA+
  • Cisco Certified Network Associate - CCNA
  • CEH : Certified Ethical Hacker
  • GIAC Information Security Fundamentals (GISF)
  • GIAC Security Essentials (GSEC)
  • (ISC)2 Systems Security Certified Practitioner (SSCP)
  • Ability to work effectively in a team environment.
  • Being highly organized, motivated and a self-directed professional.
  • Knowledge of hardware, software, data, and network principles and systems related to Private and / or Public Sectors services.
  • Understanding of commonly used computer operating systems, databases, network structures.
  • Familiarity with cybersecurity framework(s) (NIST, SANS, PCI, ISO 27001 / 27002, or CIS)
  • Investigative and analytical skills.
  • Excellent oral and written communication skills;
  • Knowledge of the current and evolving cyber threat landscape;
  • Knowledge of laws, regulations, policies, and ethics related to cybersecurity and information privacy;
    • [job_alerts.create_a_job]

    Senior Risk Analyst • New York, NY, United States

    [internal_linking.similar_jobs]
    Senior Cyber Risk Analyst – NYC Public Sector Impact

    Senior Cyber Risk Analyst – NYC Public Sector Impact

    PRIORITY CARES HOME SERVICES • New York, NY, United States
    [job_card.full_time]
    A cybersecurity services provider in New York is seeking a Cybersecurity Senior Risk Analyst to support citywide cybersecurity initiatives. Responsibilities include implementing risk processes, mana...[show_more]
    [last_updated.last_updated_1_day] • [promoted]
    Risk Analyst

    Risk Analyst

    Fin • New York, NY, US
    [job_card.full_time]
    Fin is a next-generation payments platform built for high-value, global, and instant transactions.We are a Series A-stage company backed by Sequoia, Circle, and other notable investors.Powered by s...[show_more]
    [last_updated.last_updated_30] • [promoted]
    Cybersecurity Senior Risk Analyst 2

    Cybersecurity Senior Risk Analyst 2

    RightTalents LLC • Brooklyn, NY, United States
    [job_card.full_time] +2
    [filters_job_card.quick_apply]
    Title : Cybersecurity Senior Risk Analyst 2 Client : NYC Agency [show_more]
    [last_updated.last_updated_variable_days]
    Senior Associate- IT Analyst

    Senior Associate- IT Analyst

    EisnerAmper • New York, NY, United States
    [job_card.full_time]
    At EisnerAmper, we look for individuals who welcome new ideas, encourage innovation, and are eager to make an impact.Whether you're starting out in your career or taking your next step as a seasone...[show_more]
    [last_updated.last_updated_1_day] • [promoted]
    Cybersecurity Senior Risk Analyst

    Cybersecurity Senior Risk Analyst

    Stratford Solutions Inc. • New York, NY, US
    [job_card.full_time]
    Cybersecurity Senior Risk Analyst.Remote Tuesdays & Fridays (3 days in office / 2 days remote) Hybrid.Normal business hours Monday-Friday 35 hours / week (not including mandatory unpaid meal break ...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    Operational Risk and Control Analyst

    Operational Risk and Control Analyst

    Network Temp Inc • New York, NY, US
    [job_card.full_time]
    Risk and Control Analyst is accountable for engaging in the proactive identification, escalation, and timely mitigation of operational risks. Responsible for administering Operational Risk and Contr...[show_more]
    [last_updated.last_updated_30] • [promoted]
    Senior Cybersecurity Risk Analy

    Senior Cybersecurity Risk Analy

    Molaprise • New York, NY, US
    [job_card.full_time]
    Senior Cybersecurity Risk Analyst.Build new risk processes and implement risk frameworks to enable better monitoring and evaluation of risks across the City. .Manage complex, cross-functional projec...[show_more]
    [last_updated.last_updated_1_day] • [promoted]
    Senior Compliance Analyst

    Senior Compliance Analyst

    Garner Health • New York, NY, US
    [job_card.full_time]
    Healthcare quality is declining and soaring costs are crushing American families and businesses.At Garner, we've developed a revolutionary approach to evaluating doctor performance and a unique...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    Cybersecurity Senior Risk Analyst

    Cybersecurity Senior Risk Analyst

    Ariel Partners • New York, NY, US
    [job_card.full_time]
    As New York City continues to advance our cybersecurity posture, it is essential that we have analysts dedicated to managing and execution of governance, risk, and compliance functions on behalf of...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    Senior Analyst, Enterprise Deals

    Senior Analyst, Enterprise Deals

    Pure Storage • New York, NY, US
    [job_card.full_time]
    Senior Analyst, Enterprise Deals.We're in an unbelievably exciting area of tech and are fundamentally reshaping the data storage industry. Here, you lead with innovative thinking, grow along with us...[show_more]
    [last_updated.last_updated_30] • [promoted]
    Senior Analyst

    Senior Analyst

    LaunchPointPEO • New York, NY, US
    [job_card.full_time]
    Old Dominion Strategies (ODS) is a professional services firm supporting the U.Department of Homeland Security and its components through mission-focused program management, administrative, and tec...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    Risk Appetite & Limits 1st LOD Lead Analyst

    Risk Appetite & Limits 1st LOD Lead Analyst

    NYC Staffing • New York, NY, US
    [job_card.full_time]
    Risk Appetite & Limits 1st Lod Lead Analyst.Risk Appetite & Limits 1st LOD Lead Analyst for its New York, New York location. Duties include recommending data-driven solutions to key stakeholders rel...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    Funds Ratings - Analyst / Senior Analyst (NY)New York, New York

    Funds Ratings - Analyst / Senior Analyst (NY)New York, New York

    KBRA • New York, NY, US
    [job_card.full_time]
    Funds Ratings - Analyst / Senior Analyst (NY).Kroll Bond Rating Agency, LLC is seeking an Analyst / Senior Analyst to join our growing Funds Ratings team in the New York office.The Funds team assigns...[show_more]
    [last_updated.last_updated_30] • [promoted]
    Third-Party Risk Management Senior Analyst (MRA Remediation Support) - VP Level

    Third-Party Risk Management Senior Analyst (MRA Remediation Support) - VP Level

    Syntricate Technologies • New York, NY, US
    [job_card.temporary]
    Third-Party Risk Management Senior Analyst (MRA Remediation Support).VP Level New York City, NY or Tampa, FL (Hybrid) 6-12 Months Contract Web Cam Interview $70-$75 / Hr on W2.Third Party Risk is a g...[show_more]
    [last_updated.last_updated_30] • [promoted]
    Senior Regional Analyst, CG-1101-15

    Senior Regional Analyst, CG-1101-15

    US Government Jobs • New York, NY, US
    [job_card.full_time]
    Division Of Resolutions And Receiverships, Resolution Risk Analysis Section.This position is located in the Division of Resolutions and Receiverships, Resolution Risk Analysis section of the Federa...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    Senior Analyst

    Senior Analyst

    imre • New York, NY, US
    [job_card.full_time]
    Imre is an independent, award-winning, brand-engagement creative agency that helps consumer and healthcare brands connect authentically with people in some of the most important decisions of their ...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    Senior Investment Portfolio Analyst - New York, NY

    Senior Investment Portfolio Analyst - New York, NY

    Raymond James Financial • New York, NY, US
    [job_card.full_time]
    Under direct supervision, uses specialized knowledge and skills obtained through education and experience, to assist in analyzing portfolio analytics, asset allocation and investment holdings with ...[show_more]
    [last_updated.last_updated_1_day] • [promoted]
    Senior Risk Analyst

    Senior Risk Analyst

    Argonaut Management Services, Inc • New York, NY, United States
    [job_card.full_time]
    Argo Group International Holdings, Inc.American National, US based specialty P&C companies, (together known as BP&C, Inc. Brookfield Wealth Solutions, Ltd.BWS"), a New York and Toronto-listed public...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]