Senior Cyber Risk Analyst
Company: VBG
Location: Las Vegas
Posted on: January 15, 2026
|
|
|
Job Description:
Job Description Job Description Description: Who We Are: Veteran
Benefits Guide (VBG) was founded by a former United States Marine
with the goal of ensuring that Veterans receive accurate disability
benefits in a timely manner. Since it was founded, VBG has guided
more than 45,000 Veterans through the complicated Veterans Affairs
(VA) disability claims process. As a company founded by a Veteran
and staffed by many Veterans and families of Veterans, VBG is
committed to advocating for policies that protect the rights and
interests of former service members. What we are looking for: The
Senior Cyber Risk Analyst is responsible for leading enterprise
cyber risk management activities, maintaining security and IT
policy governance, and providing clear, actionable risk insights to
senior leadership. This role partners closely with technology,
legal, product, and business teams to identify, assess, and
remediate cyber risks across the organization. This position is
open to candidates located in the following states: Arizona (AZ),
California (CA), Washington (WA), Nevada (NV), Utah (UT), Illinois
(IL), Ohio (OH), New Jersey (NJ), Virginia (VA), North Carolina
(NC), and Florida (FL). Essential Functions: Reasonable
accommodation may be provided to enable individuals with
disabilities to perform essential functions. Own and maintain the
organization’s information security and IT policies, ensuring align
with industry standards and are functionally enforceable in the
organization. Develop risk posture reporting for senior leadership,
including risk assessments, control effectiveness, and risk
register updates, tailoring depth and messaging to technical and
executive audiences Manage the control framework and library by
identifying control gaps across technology domains and leading
annual control testing and enterprise security assessments Lead
enterprise cyber risk management activities including identifying
and quantifying cybersecurity risks using standardized risk rating
methodologies Maintain the enterprise risk register and oversee
cybersecurity remediation efforts while advising on compensating
controls and interim risk treatment strategies Partner
cross-functionally with legal, technology, product, and business
teams to understand regulatory obligations, risk tolerance, and
remediation priorities Coordinate and facilitate cross-functional
remediation discussions while tracking progress and driving
accountability for risk reduction Own the third-party risk
management process, including vendor security questionnaires, risk
assessments of new and existing vendors, and development of
remediation plans to address identified security gaps Ability to
work independently and drive end-to-end initiatives with minimal
supervision Understanding of DevOps, security architecture, and
security configurations, enabling effective collaboration with
engineering, product, and infrastructure teams to identify and
mitigate risks Adaptability and resilience in an evolving
environment Stay current with emerging threats, regulatory changes,
and industry best practices in risk management, compensating
controls, and enterprise technologies. Proven ability to translate
complex technical risks into clear business impacts and actionable,
risk-based recommendations for stakeholders. Excellent analytical,
written, and verbal communication skills with the ability to
influence decision-making across technical and non-technical
audiences Qualifications or competencies: One or more
industry-recognized certifications such as CompTIA Security, CISA,
CISM, CISSP, or equivalent Hands-on experience with GRC tools
(Archer, ServiceNow GRC, Vanta, etc.) and formal risk assessment
methodologies Strong working knowledge of risk management
frameworks (NIST, ISO, and CIS) and regulatory requirements for
HIPAA compliance Broad security domain expertise, including cloud
environments, SDLC, application security, data protection and
enterprise architecture. Education and previous work experience: 5
years of experience in cyber risk management, control assurance, or
information security governance Bachelor's degree or equivalent
work experience in Information Technology, Cybersecurity, or a
related discipline Position type: This is a full-time position.
Days and hours of work are Monday through Friday, 8 a.m. to 5 p.m.
EEO: Veteran Benefits Guide (VBG) provides equal employment
opportunities to all employees and applicants for employment and
prohibits discrimination and harassment of any type without regard
to race, color, national origin, ancestry, physical disability,
mental disability, medical condition, marital status, sex
(including pregnancy, childbirth, breastfeeding or related medical
conditions), gender (including gender identity and gender
expression) genetic characteristic, sexual orientation, registered
domestic partner status, age, military or veteran status, hairstyle
or hair texture, reproductive health decision making, or any other
characteristic protected by federal, state, or local laws.
Requirements:
Keywords: VBG , Sunrise Manor , Senior Cyber Risk Analyst, IT / Software / Systems , Las Vegas, Nevada
