Cybersecurity Threats and Risk Analyst

Implement and support leading technologies as a member of IT team. Gain valuable experience with exposure to challenging and dynamic projects in all aspects of our business. Join our highly experienced network of professionals and connect with our creative team. The Cybersecurity Threats & Risk Analyst will work within the IT Security & Compliance organization to identify, analyze, and help mitigate cybersecurity risks and threats affecting the organization’s systems, data, and operations. The ideal candidate will be responsible for assessing cyber risk and monitoring threat actor activity by analyzing security events, vulnerability data, threat intelligence, and security control effectiveness across infrastructure, applications, cloud, endpoint, and data environments. This person will work closely with cyber engineering, cyber architecture, cyber operations, and risk management teams to support detection, investigation, and response efforts, while contributing to a broader understanding of the organization’s risk posture and threat landscape. They will also collaborate with IT and business teams to support remediation efforts, improve security visibility, and strengthen day-to-day security operations. Other responsibilities include, but are not limited to: Participate in cyber risk and threat analysis activities, including risk assessments, threat monitoring, threat modeling, vulnerability analysis, and evaluation of security control effectiveness. Analyze security alerts, threat intelligence, vulnerability data, and logs to identify potential threats, control gaps, and emerging risks. Document risk findings, threat activity, investigation results, and remediation recommendations in accordance with established risk management standards. Support threat investigations and incident response efforts through analysis, evidence collection, and impact assessment. Conduct and support vulnerability and threat assessments, including tracking risks and validating remediation efforts. Assist with third-party and vendor risk assessments by reviewing documentation and identifying potential risk exposures. Develop and document assessment procedures, test cases, and validation steps used to evaluate security controls. Support the validation and maintenance of security and risk tools (e.g., SIEM, vulnerability scanners, threat intelligence, GRC tools). Identify opportunities to improve threat visibility, risk detection, and analytical workflows. Perform root cause analysis for security incidents, control failures, or recurring threat patterns. Adhere to change management, incident handling, and security governance policies. Monitor environments during significant changes or maintenance activities for potential risk or threat impact. Prepare risk and threat summaries for review by senior analysts, managers, and cross-functional teams. Collaborate closely with cyber engineering, architecture, and operations teams to support remediation and control improvements. Qualifications The successful candidate will meet the following qualifications: A college or technical school degree is preferred. Experience working in enterprise IT or security environments with diverse technologies and integrations. Foundational knowledge and experience in cyber risk and threat analysis concepts, threat detection and vulnerability assessments, as well as common security controls across infrastructure, applications, cloud, endpoint, and data environments. Working knowledge of security tools and platforms such as SIEM, vulnerability scanners, threat intelligence platforms, or GRC tools. Understanding of common threat frameworks and methodologies (e.g., NIST, MITRE ATT&CK). 2–5 years of applicable professional experience that substantially includes the following: Cyber threat analysis, vulnerability assessment, or security operations support. Reviewing and analyzing security alerts, logs, and threat intelligence. Documenting risk findings, investigations, and remediation recommendations. Experience supporting incident response, investigations, or post-incident analysis is preferred. Experience assisting with third-party or vendor risk assessments is preferred. Strong analytical and problem‑solving skills, with attention to detail and the ability to identify patterns and anomalies. Ability to clearly document findings and communicate technical information to senior analysts and cross‑functional partners. Self‑motivated and able to work with limited supervision while following established procedures. Strong organization and time management skills, with the ability to manage multiple tasks and priorities. Willingness and ability to learn new tools, technologies, and threat techniques as the threat landscape evolves. Ability to work and contribute effectively in a team environment to support overall security and risk management objectives. Relevant cybersecurity certifications are preferred (e.g., Security+, CySA+, GSEC, GCIH, or similar). #J-18808-Ljbffr The Jupiter Group, Inc