Senior Cyber Risk Analyst (Contract-to-Hire)

Job Description

Job Description

Title: Cyber Risk Analyst - Senior

Rate: $45 - $50/hr

Location: Columbus, OH (Hybrid - Onsite 2 Days per Week. must be local only)

Contract Duration: 1 Year Contract (Contract-to-Hire)

Contract Type: W2 (Must be a U.S. Citizen; No Sponsorships, No F1-OPT, No C2C, No 1099)

We are seeking a Senior Cyber Risk Analyst to develop, maintain, and execute our client's Cyber Assessments Program , including Third-Party Risk Management and Technology Support . The selected candidate will conduct corporate and technology control assessments, coordinate independent assessments such as penetration tests, NIST CSF evaluations, and regulatory mock reviews , and support enterprise Archer GRC and Fortress implementations.

This role requires strong collaboration with Compliance (NERC CIP & Pipeline), Innovation, Supply Chain, and Business Teams to ensure the effectiveness of the Cyber Assessment program. The Cyber Risk Analyst will also be responsible for system enhancements, dashboard reporting, and metric development to drive cybersecurity compliance and risk mitigation efforts.

• Execute the Cyber Assessments Program , including Third-Party Risk Management and control assessments.
• Utilize Fortress and Archer GRC platforms to manage assessments, upgrades, dashboards, and metrics.
• Support cybersecurity initiatives across multiple business units, ensuring compliance with NIST 800-53 v5 control sets.
• Coordinate penetration tests, mock regulatory reviews, and other independent assessments to identify vulnerabilities and compliance gaps.
• Collaborate with stakeholders such as Compliance, Innovation, and Supply Chain teams to ensure cybersecurity best practices are implemented effectively.
• Analyze risk data and generate reports to support leadership decision-making.
• Drive process improvements within the Cyber Assessments Program, identifying opportunities for automation and efficiency.
• Support IT security functions , including risk management, security assessments, and remediation tracking.

• Bachelor's Degree or equivalent work experience in Information Security, Cyber Risk, or IT .
• 4-6 years of IT or cybersecurity experience in various support functions.
• Strong understanding of NIST 800-53 v5 security controls.
• Proficiency with ITIL processes and metrics ; ITIL v4 certification required upon hire.
• Experience with cybersecurity risk assessments, penetration testing, and regulatory compliance programs.
• Hands-on experience using RSA Archer GRC for risk and compliance management.
• Experience with Fortress or similar Third-Party Risk Management tools.
• Solid knowledge of IT infrastructure components, cybersecurity best practices, and risk frameworks.
• Proficiency with Microsoft Office 365 (Excel, Word, SharePoint) and ServiceNow.
• Ability to work independently and manage multiple priorities in a fast-paced environment.
• Strong analytical, problem-solving, and root cause analysis skills.

• Experience in the gas and electric utility industry is a plus.
• Strong background in process automation, reporting, and data analysis using Excel, Power BI, and SharePoint .
• Experience working with ServiceNow for IT risk management.