Cybersecurity Risk Analyst

About Creative Artists Agency Creative Artists Agency (CAA) is the leading entertainment and sports agency with global expertise in filmed and live entertainment, digital media, publishing, sponsorship sales, endorsements, media finance, consumer investing, fashion, trademark licensing, and philanthropy. CAA represents more than 2,000 top athletes and personalities and works in broadcast rights, corporate marketing initiatives, social impact, and sports properties sales and sponsorship opportunities. Role Overview This hands‑on security position works within the Information Security group and with the internal IT department to deliver end‑to‑end security services. The role focuses on developing and deploying capabilities that protect enterprise systems and data, ensuring compliance with policy and security controls, and enabling the business to detect, contain, and respond to threats quickly. Responsibilities Support a Technology Vendor Management program, ensuring technology risk reviews across multiple disciplines and monitoring renewals and savings opportunities. Participate in risk reviews of the IT control framework (NIST CSF, CIS, ITIL, ISO 27001, etc.). Conduct thorough vendor, product, and applications security assessments partnering with system owners to integrate security early during the project lifecycle. Partner with business groups to review workflows and produce outputs that enhance security processes. Coordinate the implementation of core security integrations (SSO, event logs, secrets, alerting, threat model, backup/recovery) with applications developed in-house and externally/SaaS environments. Ensure security considerations are implemented and solutions are configured securely. Coordinate with IRM leadership to develop and deliver key security metrics and ensure technical controls meet desired objectives. Qualifications Minimum of 3–4 years in Information Technology. Minimum of 2 years’ experience in cybersecurity risk management. Bachelor’s or Master’s degree in a relevant field. Strong analytical skills for vendor risk due diligence. Familiarity with information security frameworks (NIST, ISO 27001), data privacy regulations (GDPR, CCPA), and certifications/attestations (SOC, ISO, PCI‑DSS, FedRAMP). Experience coordinating technical integrations for security tooling and processes. Ability to review complex systems architectures to identify key security integration opportunities. Produce comprehensive written vendor security assessments. Experience using security analytics tooling to produce operational metrics and dashboards. Strong understanding of fundamental operations of servers, operating systems, cloud applications, and infrastructure. Preferred Qualifications Core skills in cybersecurity fundamentals and third‑party risk management. Familiarity with third‑party risk management tools/processes such as OneTrust, SIG, or similar GRC platforms. Hands‑on experience in Azure and AWS cloud environments and familiarity with core cloud services and architecture. Familiarity with core security concepts of Single Sign‑On (PingFed, SAML), Identity and Access Administration (Active Directory, Azure AD, AWS IAM), event management (Splunk). Expert skills in Microsoft Office suite and JIRA. Location This hybrid role is based in our Nashville office. Compensation The annual base salary for this position is between $87,000 and $104,000 in Nashville. The position may also include benefits and a discretionary bonus, with final pay determined by experience, time in role, business sector, and geographic location. Equal Employment Opportunity Creative Artists Agency, LLC is committed to a policy of Equal Employment Opportunity and will not discriminate on the basis of race, color, religion, gender, national origin, age, disability, or any other protected characteristic under applicable law. The Company also complies with the Americans with Disabilities Act and applicable state and local laws regarding reasonable accommodation for qualified individuals with disabilities. #J-18808-Ljbffr Creative Artists Agency