Senior Analyst, Cyber Risk Quantification and GRC

Senior Analyst

At Forrester, we're trusted to work on trailblazing, mission critical problems that business and technology leaders face today. That's why we're always looking to empower talented individuals to perform at their best every single day. We're proud of our community of smart people and vibrant voices who come together to do what's right by our clients and each other. Our success is driven by curiosity, courage and customer obsession. The confidence and drive to be bold at work. Join us and build an extraordinary future.

About This Role:

Forrester is currently looking for a Senior Analyst to conduct research and deliver strategic advice for risk management leaders and their teams. The ideal candidate has a strong understanding of risk management roles, responsibilities, and the most important security and risk trends and their business and technology implications; deep knowledge and experience with risk management practices and methods; deep knowledge and expertise in cyber risk quantification; and deep experience in developing, maintaining, and communicating risk management artifacts including risk standards, procedures, appetite, registry, and business strategy. Expertise in compliance management, internal or external audit, and GRC platforms is strongly desired.

The successful candidate researches and uncovers the strategies, technologies, and best practices of risk management that create a resilient and opportunity-seeking business. The Senior Analyst delivers these insights and recommendations in written reports, presentations, inquiries, guidance sessions, and custom advisory for risk leaders across industries and geographies. Our research is aimed at helping enterprise clients solve business problems and improve business results by applying principles and best practices. We also advise vendors on their strategies, roadmaps, and messaging in line with our market insights and our recommendations for enterprise clients.

Job Description:

The Senior Analyst works as part of a high-performing team with a strong emphasis on collaborating with others in all aspects of the job. The Senior Analyst is expected to:

• Develop a deep understanding of what Forrester clients require to be successful as risk management leaders and professionals with a focus on how they help their organizations develop risk management capabilities that enable a resilient and opportunity-seeking business.
• Conduct primary research into risk management capabilities, practices, touchpoints, and artifacts in the context of supporting C-suite executives, business leaders, and appropriate committees.
• Help define the future of risk management, including how risk leaders and professionals can work with other key business functions and support organizational success.
• Work with different focus areas across Forrester research teams to develop a complete research portfolio on risk management, providing both input to others' research and writing reports incorporating expertise from across Forrester to provide a "big picture" view.
• Partner as appropriate with other Forrester analysts on broader risk topics: risk quantification, third-party risk, systemic risk, compliance, and cyber risk.
• Research/write/create approximately six to eight research projects per year — a mix of written reports, tools, webinars, videos, podcasts, infographics, and other intellectual property. Build visibility for their research and contribute to Forrester client communities.
• Consult with clients to apply Forrester's research in the context of their specific business environment and help solve their problems through inquiry, guidance, and advisory engagements.
• Establish an industry presence as an influential speaker and thinker; build relationships with journalists who cover the sector; and participate in vendor briefings and field press inquiries as necessary.

Job Requirements:

• Five to seven years as a research analyst, consultant, or practitioner where you have led or been involved in risk management, with a focus on cyber risk quantification, or an equal amount of time as product manager for vendors that serve the market.
• A deep intellectual curiosity about the effect of technology on the business landscape; solid business instincts and a practical understanding of what makes companies tick; and a creative view of markets, technologies, and attitudes combined with a fascination with the future.
• Superior listening, critical thinking, and writing skills as well as compelling presentation skills.
• The ability to take complex, disparate ideas and distill them into simple, provocative concepts — and be willing to take a stand on vendors and outcomes.
• The ability to travel up to 20% of the time.

Base salary range: $119,000 - $193,000

Base salary range for Georgia: $106,000 - $174,000

Base salary range for New York City, NY: $136,000 – $222,000

Bonus target: 10%

The application deadline is July 31, 2026. Please refer to the job posting on Forrester.com careers page if the deadline has been extended.

Here at Forrester, we welcome people from all backgrounds and perspectives. Our aim is for all candidates to be able to fully participate in Forrester's recruitment process. If you would like to discuss a reasonable accommodation, please reach out to View email address on click.appcast.io.

Forrester Research, Inc. is an Equal Employment Opportunity Employer. As a federal contractor, Forrester encourages veterans and individuals with disabilities to apply for employment.