Cybersecurity / Technology Risk Management Consultancy, based in the USA, seeks a junior analyst to support various consulting projects.
Cybersecurity / Technology Risk Management Jr Analyst
Who you are (ideal candidates)
· Require a student whose major is Computer Science, Information Systems, Information Assurance (or similar).
· Prefer a freshman or sophomore student who could work with the consulting firm for 2+ years throughout their college career. Junior or Senior-level, high school, or college students will also be considered.
· Student must be seeking a future career in cybersecurity/technology risk management (the objective of the program is that this job will prepare the student for post-graduation work in this field in which there is currently a skills shortage)
· Able to dedicate a minimum of 25 hours per week to on-site work at a location
· Able to dedicate an additional 5-15 hours per week to off-site studying / on-the-job training
· Able to learn quickly
· Able to study independently and demonstrate a clear understanding of the topics studied as applicable to work objectives
· Possess intermediate-level knowledge of Microsoft Office suite (Word, Excel, PowerPoint, Outlook, etc.)
· Inquisitive nature, must ask clarifying questions to maximize the learning experience and enable effective execution of work duties
· Able to transition from the ‘learning phase’ to the ‘doing phase’ expeditiously
· Possession of, progression towards, or interest in any form of security or technical certification is beneficial (CompTIA Security+, CISSP, Certifications from AWS, Microsoft, Google, etc.)
What you will do (work duties)
Under the supervision of Senior Consultants or “Subject Matter Experts”:
· Participate in technology risk management activities such as risk assessments, control testing, risk classification, etc.
· Support projects in which the primary deliverables to the client organizations are fact-based / data-driven assessments of their security risk based on their compliance (or non-compliance) with documented control objectives or Risk Management Framework (RMF)
· Draft technology risk management deliverables for review by senior consultants / SMEs. Receive feedback and re-draft the deliverable through multiple feedback cycles through completion.
· Continuously receive training on cybersecurity and technology risk management subjects in high demand in the industry. (Thereby increasing your value as a future professional and your current value add to the consultancy)
The role includes mandatory studying of technology risk management/cybersecurity topics.
Sample required readings include:
· NIST Cybersecurity Framework:
· NIST Special Publication 800-53:
How you will benefit (perks for you)
· Unique opportunity to learn under the direct supervision of a cybersecurity consulting executive
· Paid training targeted towards subject matter(s) and skills that are in high demand
A flexible schedule that can enable you to work 30-40 hours around your class schedule