US|Cybersecurity Risk Analyst

#2043888
Location : Houston, Texas 77002
Schedule : Onsite
Type : 12month contract to start
Compensation : $49-57/hr w2
Role Description:
The Risk Analyst position is responsible for assessing risks, analyzing cyber threats, and assisting in preventing cyber-attacks before they occur. They provide guidance on tools to measure and manage risk, identify/mitigate threats, and protect against unauthorized disclosure of confidential information. Risk Analysts duties include assessing the adequacy of security strategies, adherence to security guardrails and calculating the impact of adverse events or threats. Ideal candidates will assist in ensuring effective execution of cybersecurity strategies and our risk management framework by managing relationships with key stakeholders, verifying that IT risks are appropriately mitigated, as well as providing periodic updates on the state of compliance.
Responsibilities:
• Advises on cybersecurity initiatives that support the latest trends in IT & OT security, risk, and controls.
• Maintains cybersecurity documentation including Business Continuity and Disaster Recovery Plans
• Facilitates risk assessment exercises, perform compliance and risk monitoring/validation, and other compliance assurance exercises as required.
• Leads awareness and training for the information technology risk program elements to ensure responsibilities are understood and executed.
• Provides guidance to ensure adherence to Policy 575 and Policy 564 Cyber concurrence for new or upgraded solutions.
• Coordinates external and internal assurance or advisory audits, representing information technology throughout the lifecycle of the audit (from planning through remediation strategy).
• Monitors, tracks, and reports mitigation and resolution of IT risks.
• Facilitates compliance of all equipment utilized in the IT, Process Control Network (PCN)/Operational Technology (OT) and Demilitarized Zone (DMZ), including timely remediation of critical vulnerabilities.
• Supports and integrates cybersecurity standards into the IT and OT environments.
• Serves as site representative for internal and external cyber initiatives.
• Works closely with other technical, incident management, and forensic personnel to develop a broader understanding of the intent, objectives, and activities of cyber threat actors and supports the cyber defense program.
Required Qualifications/Skills:
• Minimum 3-5 years related work experience in Information Technology field.
• Work experience in Operational Technology/Industrial Controls Systems field
• Knowledge of and experience with Industry Policies, Standards and Controls (e.g., NIST 800-53, IEC-62443 in an ICS environment, ISO 27001, COBIT, ITIL, SOX, PCI-DSS, SANS, etc.).
• Understanding of key technology/data concepts such as access control, confidential data, encryption, data privacy, information management, intellectual property, business continuity, disaster recovery, security scans, and 3rd party/vendor applications.
• Strong knowledge of IT organization business processes and systems including (IT Security, data management, architectural and planning, technology life cycle management, regulatory concerns).
• Certifications: Desired but not required - Certifications in Industrial Control Systems Cybersecurity, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager, (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or other Cybersecurity Certifications (e.g. GISCP, GCIP, or similar certifications).
Preferred Qualifications/Skills:
• Vendor-specific training on Operational Technology, ICS equipment manufacturers and internal network systems.
• A self-starter that demonstrates One Team behaviors and demonstrated knowledge of effective influencing tactics and strategies.
• Highly organized with ability to prioritize and multi-task, as well as able to thrive in a fast-paced environment.
• Ability to impact decisions, influence and motivate teams, and work with a variety of disciplines, cultures, and environments.
• Communicates in a clear, concise, understandable manner both orally and in writing.
• Ability to explain detailed IT concepts and solutions in business terms and make complex materials clear and engaging.
• Utilizes qualitative and quantitative risk analysis best practices to provide a clear decision-making framework for managing information risk.
Education:
• Associate or Bachelors degree in Computer Science, Cybersecurity, Information Technology, or a similar technical degree. Relevant experience will be considered.

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [email protected] or 844-463-6178 .

Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico.