We are seeking a Senior Analyst, Cyber Risk & Compliance (f/m/d) in Dublin. The Senior Analyst is responsible for executing core cyber & IT risk management activities that support the organization’s overall security, compliance, and resilience objectives. This role is primarily focused on performing cyber and IT security risk assessments, evaluating the design and effectiveness of security controls, maintaining the enterprise cyber risk register, and producing risk posture reporting for leadership and key stakeholders.
The ideal candidate is a strong execution-oriented practitioner with hands-on experience in risk identification, control assessment, risk analysis, GRC platform administration/use, and reporting, along with a solid understanding of the NIST Cybersecurity Framework (CSF) and NIST Risk Management Framework (RMF).
Your role
- Conduct cybersecurity and IT risk assessments across systems, applications, infrastructure, business processes, and third parties, as applicable.
- Use ServiceNow IRM or similar GRC tools to manage risk workflows, control records, issues, exceptions, and reporting.
- Perform control assessments to evaluate control design, implementation, and operating effectiveness.
- Identify and document threats, vulnerabilities, control gaps, business impacts, and residual risks.
- Maintain the cyber risk register, including risk scoring, ownership, treatment plans, and remediation status.
- Track and follow up on risk remediation and corrective action plans with control owners and stakeholders.
- Prepare risk posture dashboards, reports, KRIs, and summaries for leadership and governance forums.
- Support alignment with applicable regulatory and framework requirements, including NIST, NIS2, DORA, ISO 27001/27005, and PCI DSS.
- Partner with cybersecurity, IT, compliance, audit, legal, and business teams to gather evidence, validate findings, and support remediation efforts.
- Contribute to audit, compliance, and regulatory readiness activities by maintaining clear and accurate risk and control documentation.
- Analyze risk trends and recurring control issues to support continuous improvement of the risk management program.
- Assist in strengthening and standardizing risk assessment methodologies, templates, and reporting processes.
Qualifications
- 4-7+ years of experience in cybersecurity, IT risk, information security, audit, or compliance.
- Hands-on experience with risk assessments, control assessments, risk registers, and risk/reporting processes.
- Strong knowledge of NIST CSF and NIST RMF, with familiarity in NIS2, DORA, ISO 27001/27005, PCI DSS, and related frameworks.
- Hands-on experience with ServiceNow IRM / GRC platforms is a must.
- Strong analytical, documentation, communication, and stakeholder management skills.
- Ability to translate technical findings into clear business risk language.
- Bachelor’s degree in a related field; certifications such as CRISC, CISA, CISSP, or CISM are preferred.
- Fluent English language skills.