Cybersecurity Risk Analyst

Bellevue Washington
Required Experience: 0 year(s)
Employment Type: Full-Time
Salary Range: Not available
Posted 9 days ago
Job Description
Cybersecurity Risk Analyst Apply Share Posted Date: Apr-23-2019 Job ID: 14179 Job Type: Full Time Job Function: Legal City: Bellevue State: Washington Store: Bellevue What's cool about this job As the Cybersecurity Risk Analyst, you will be in charge of conducting risk assessments related to projects, evolving lines of business, and in response to ad hoc requests. You will need to understand the tactics, techniques and methods of the newest cyberattacks relevant to REI, including those presented by cybersecurity criminals, advanced persistent threats (APT), hactivists, insiders, or other nefarious actors. You will identify potential risks within the context of the Co-op’s cyber landscape, assess the level of cybersecurity risk, and recommend appropriate mitigation countermeasures. You will collect, process, analyze, and disseminate cybersecurity risk assessments, and maintain an updated risk registry tracking information security risks and countermeasures for the organization. The position will require working in a collaborative environment to help lower cybersecurity risk across the Co-op. The Cybersecurity Risk Analyst will work with Privacy, Compliance, Third-Party, Security Engineers, Business Owners, and their IT Partners as part of an internal service model that allows the business to track, manage, and mitigate key information security risks and maintain alignment with the Co-op’s overall cybersecurity risk management strategy. This role aligns with a second line of defense approach for the Co-op and is not an operational security role • Perform cyber defense and cyber risk trend analysis as part of a cross-functional security and privacy risk management team • Write Cybersecurity Risk Assessments as a part of the Enterprise Security Risk Assessment process • Create and maintain appropriate documentation and artifacts for security, risk management, compliance, and business audiences • Track and update security risks as part of a comprehensive information security risk management program • Pull data from a variety of cyber defense platforms and teams (e.g., IDS alerts, firewalls, network traffic logs) to analyze the Co-op’s digital footprint and identify trends for the purpose of mitigating enterprise-level cyber risks • Clearly and articulately communicate the value of information security throughout all levels of the organization • Develop cybersecurity risk assessments based on interviews and requirements from internal business owners • Assess effectiveness of cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple levels of data • Develop cybersecurity countermeasures and risk mitigation strategies for complex and interrelated systems • Document and address organization's information security and systems security requirements throughout the technology acquisition life cycle • Draft statements of preliminary or residual security risks for system operations Bring your passion and expertise • Bachelor’s degree in computer science, math, or engineering, or 5+ years training and experience in the cybersecurity field • Certificates in key cybersecurity areas of defense (i.e. GSEC, GISF, GMON and/or GCCC) • Experience in information security risk management, analysis and/or compliance • Functional understanding of computer networking activity concepts and protocols, and network security methodologies • Functional understanding of network protocols such as TCP/IP, Dynamic Host Configuration, DNS, and directory services • Experience and background in network design processes, to include understanding of security objectives, operational objectives, and trade-offs • Skilled in both written and verbal communications to technical and non-technical stakeholder audiences • Skilled in assessing security controls based on cybersecurity principles and tenets • Skilled in collecting data from a variety of cyber defense resources • Skilled in evaluating the adequacy of security designs Why you'll love it here We’re a passionate community of people who believe in one simple truth: an outdoor life is a life well-lived. REI is a co-op, born in the mountains of the Pacific Northwest in 1938. We’re here to help our over 6 million active members have amazing experiences outside—and do the same ourselves. Bring your creativity, customer focus and enthusiasm for living life outdoors—we can’t wait to meet you! At REI we offer an enviable work environment that has been recognized on the "100 Best Companies to Work For" list since the award's inception – 22 years in a row! Sure, we work hard, but it’s balanced with time off to play—a strategy that works for us as we continue to grow and thrive. Want to enjoy a workplace where you can be yourself, be heard and be respected while having a job that challenges you? This is the place. With more than 150 retail locations (and growing), REI offers unique competitive benefits to its more than 13,000 employees, including healthcare, gear and apparel discounts, free equipment rentals and challenge grants to help employees reach personal outdoor goals, generous retirement plan contributions, public transit subsidy, adoptions assistance, paid sabbaticals, and more. REI is an Equal Opportunity Employer Apply Back to job search Share