Senior IT Risk Analyst (Information / Cybersecurity)

Tempe, AZ
Product Development – Security /
Full-time /
KUBRA is looking for a technical Senior IT Risk Analyst to join our Information Security team!
As a Senior IT Risk Analyst you will lead day-to-day governance, risk, and compliance (GRC) operations related to privacy, policy compliance, security requirements governance, and risk management functions.

You will also lead information security compliance programs and audits including, but not limited to: PCI-DSS, SOC1, SOC2, SOX, HIPAA, ensuring IT activities, processes, and procedures meet defined requirements, policies, and regulations.

As a Senior Risk Analyst will also help develop risk and compliance strategies and create, improve, and monitor company’s cybersecurity controls.

This is a hybrid role based out of our office in Tempe, AZ. 

What you get to do every day

    • Update security controls and provide support to all stakeholders on security controls covering internal assessments, regulations, protecting Personally Identifying Information (PII) data, and Payment Card Industry Data Security Standards (PCI DSS).
    • Execute strategy for dealing with increasing number of audits, compliance checks and external assessment processes for internal/external auditors, PCI DSS, HIPAA, NIST
    • Perform privacy impact assessments and conduct related ongoing compliance and regulatory monitoring activities
    • Help define and lead the implementation of an enterprise-wide strategy focused on the reduction of risk 
    • Develop and implement effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.

What kind of person should you be?

    • Willing to take initiative and work proactively under minimal supervision
    • Ability to prioritize and successfully complete tasks while working under pressure in a fast-paced environment
    • Multi-tasking skills with the ability to manage and balance large volumes of work
    • Attention to details and strong analytical skills
    • Team-player with strong interpersonal skills and a professional attitude
    • Capable of fostering strong working relationships with all levels of staff within the organization and external contacts
    • Ability to work with sensitive and confidential material
    • Strong communication skills, both written and verbal

What skills do you need?

    • 5+ years of relevant experience in the IT risk, privacy, security, compliance or audit field
    • Bachelor’s degree in Information Systems, Cybersecurity, or a related field
    • Must have strong working knowledge of Information Security best practices and standards such as (but not limited to) PCI DSS, SSAE18, SOX, ISO 27000 Series, COBIT, etc.
    • Experience leading and implementing privacy and compliance practices
    • Experience performing information security audits or risk assessments
    • Strong working knowledge of Privileged Access Management, Identity and Access Management, Log Collection/Monitoring/Baselining, Vulnerability, and Patch Management concepts
    • Strong technical understanding of firewalls, WAFs, SIEM, antivirus, IDS/IPS, and cloud concepts
    • Experience in administration of GRC tools

    • Certifications, preferred but not required:
    • CISSP (desired)
    • CISM (preferred)
    • CRISC (preferred)
    • PCIP (preferred)
    • Any other industry recognized certifications

What can you expect from us?

    • Award-winning culture that fosters growth, diversity and inclusion for all
    • Paid day off for your birthday
    • Access to LinkedIn learning courses
    • Continued education with our education reimbursement program
    • Free unlimited access to our refreshment stations (fully stocked with tea, coffee and other beverages)
    • Two paid days for volunteer opportunities
    • Well-being days!

    • #PHX2024
While we value the skills and experiences listed in our job requirements, we also recognize that talent comes in many forms, and welcome applications from candidates who meet most but not all specified requirements. If you possess a strong desire to learn and grow in a dynamic work environment, apply now!

KUBRA is a fast-growing company that delivers customer communications solutions to some of the largest utility, insurance, and government entities across North America. KUBRA offers billing and payments, mapping, mobile apps, proactive communications, and artificial intelligence solutions for customers. With more than 1.5 billion customer interactions annually, KUBRA services reach over 40% of households in the U.S. and Canada. KUBRA is an operating subsidiary of Hearst.
Our office is small enough to allow creative individuals to flourish, yet large enough to provide long-term stability. We place a tremendous amount of responsibility on our team members to be productive, focused and self-motivated. We offer a casual work environment, competitive compensation and a stellar benefits program.