Security Analyst - Risk
Posted 1 month ago Expired
This job has expired
Looking for a job like Security Analyst - Risk in or near Lake Forest, IL? Upload your resume and we'll notify you when similar positions become available.
Upload Your ResumeAbout This Role
This Security Analyst role focuses on identifying, assessing, and managing information security and technology risks. The professional will perform risk assessments, support compliance efforts, contribute to third-party risk management, and advise on mitigation strategies for technology initiatives.
Responsibilities
- Perform information security risk assessments, control testing, and security reviews across systems, applications, and processes.
- Support compliance efforts by assessing alignment with internal policies, regulatory requirements (NIST CSF, PCI DSS 4.0), and assisting in identification and tracking of remediation activities.
- Contribute to third-party risk management activities, including reviewing vendor security documentation and conducting risk assessments.
- Support technology initiatives by identifying potential risks and control gaps and advising on mitigation strategies.
- Work independently on assigned assessments while escalating complex risks as needed, contributing to continuous improvement of the organization’s information security risk management program.
Requirements
- 2-4 years in information security, technology risk, cybersecurity, GRC, internal audit, or risk advisory roles
- Working knowledge of information security and risk frameworks such as NIST CSF, NIST 800-53, or similar standards
- Experience conducting risk assessments, control reviews, and gap analyses
- Familiarity with third-party and vendor risk management
- Ability to document findings clearly and communicate technical risks in business-focused language
- Experience supporting audits, regulatory examinations, or compliance initiatives
- Strong analytical, organizational, and time-management skills
Qualifications
- Bachelor’s degree in Information Security, Information Systems, Computer Science, Risk Management, or a related field, or equivalent practical experience
- 2-4 years of experience in information security, technology risk, cybersecurity, GRC, internal audit, or risk advisory roles
Nice to Have
- Relevant certifications such as CISA, CRISC, CISSP, or progress toward certification
- Understanding of common security domains (e.g., access management, data protection, incident response, vulnerability management, network security)
- Experience in regulated environments (financial services, healthcare, technology, or similar)
- Exposure to cloud security concepts (AWS, Azure, GCP) and modern technology environments
- Experience preparing risk metrics, dashboards, or management-level reporting
Skills
* Required skills
Benefits
About Grainger
W.W. Grainger, Inc., is a leading broad line distributor with operations primarily in North America, Japan and the United Kingdom, serving over 4.5 million customers worldwide with MRO products and solutions.