Our client, a large financial services company, is seeking a Cybersecurity & Technology Risk Management Compliance Analyst for a contract to hire position. This is a hybrid, 3 days per week in the office position. It can be staffed in Tampa, FL or Dallas, TX This is an excellent opportunity for a top cybersecurity professional looking for a full time employment opportunity at a global financial services organization.

The Cybersecurity & Technology Risk Management Compliance Analyst ensures compliance with various cybersecurity regulatory requirements, industry standards, frameworks, and best practices. The role involves identifying, developing, and mapping internal cybersecurity and technology policies, procedures, and controls to demonstrate compliance with cybersecurity regulations. The role monitors and organizes existing controls and their alignment in the enterprise GRC tool. The ideal candidate has at least five years of relevant experience and a thorough knowledge of technology controls (IT and cyber) within today's IT threat landscape. A strong understanding of testing cybersecurity methodologies, frameworks, and regulations in the financial services sector is essential. Principal Responsibilities:

Perform mapping of regulatory requirements to policies, procedures, industry standards, frameworks, and existing controls.

Review policies and procedures to ensure compliance with regulatory requirements, addressing gaps and inconsistencies.

Maintain a comprehensive library of applicable cybersecurity laws and regulations, requirements, and resulting controls.

Prepare reports on the program's status for appropriate governance structures and senior management.

Facilitate impact assessments to evaluate new or changing regulations and readiness for compliance.

Evaluate new initiatives and business ventures to identify and evaluate compliance requirements and readiness.

Develop action plans for developing and enhancing cybersecurity controls and provide ongoing support and monitoring of their implementation.

Understand cyber and IT best practices, including knowledge of frameworks, guidelines, and regulations (e.g., NIST Cybersecurity Framework, FFIEC, NYSDFS).

Ensure cybersecurity and technology risk management meets all industry regulations, standards, and compliance requirements.

Qualifications:

5+ years’ experience; prior experience in risk management, legal, compliance, or auditing preferred.

Bachelor’s degree preferred; advanced degree and/or certification a plus.

College Degree in Business Management / Computer Science [or related field preferred].

CISA, CISM, CISSP, CRISC, or equivalent certification.

Proficient in PowerPoint, Excel, and Word.

Knowledge of financial services laws and regulations, particularly in the securities markets.

Experience working at or with financial services regulators (e.g., SEC, FRB, NYSDFS, CFTC, ESMA, etc.) is highly desirable.

Previous audit experience preferred.

Familiarity with ISO/IEC 27001/27002:2013, NIST Cybersecurity Framework, NIST Special Publication (SP) 800-53, or other cyber, technology, financial services guidelines, frameworks, and regulations is required.

Understand concepts of information technology risk and the different elements required to mitigate risk.

Knowledge of basic compliance principles and standards, including industry best practices and compliance controls.

Proven knowledge of technical infrastructure, networks, databases, and systems and how they affect an organization's cybersecurity and technology risk.

Flexible work from home options available.