Job Summary The Sr. Cybersecurity Risk Analyst is responsible for leading and maturing the organization's cybersecurity risk management program. This role is accountable for identifying, assessing ...
Job Summary The Sr. Cybersecurity Risk Analyst is responsible for leading and maturing the organization's cybersecurity risk management program. This role is accountable for identifying, assessing ...
Senior Cybersecurity Liaison | Hybrid | Full-Time
Detroit, MI · On-site
$99K - $127K/yr
GENERAL SUMMARY: The Sr. Cybersecurity Liaison is the primary point of contact between the ... Consult with business unit to assess security needs, identify gaps, and develop risk mitigation ...
Senior Cybersecurity Liaison | Hybrid | Full-Time
Detroit, MI · On-site
$99K - $127K/yr
GENERAL SUMMARY: The Sr. Cybersecurity Liaison is the primary point of contact between the ... Consult with business unit to assess security needs, identify gaps, and develop risk mitigation ...
Senior Cybersecurity Engineer / Security Architect (MLS & High-Assurance Systems) Location: Detroit ... Demonstrated experience performing IT risk assessments, threat analysis, and security control ...
Senior Cybersecurity Engineer / Security Architect (MLS & High-Assurance Systems) Location: Detroit ... Demonstrated experience performing IT risk assessments, threat analysis, and security control ...
Senior Cybersecurity Liaison | Hybrid | Full-Time
Detroit, MI · Hybrid
$99K - $127K/yr
GENERAL SUMMARY: The Sr. Cybersecurity Liaison is the primary point of contact between the ... Consult with business unit to assess security needs, identify gaps, and develop risk mitigation ...
Senior Cybersecurity Liaison | Hybrid | Full-Time
Detroit, MI · Hybrid
$99K - $127K/yr
GENERAL SUMMARY: The Sr. Cybersecurity Liaison is the primary point of contact between the ... Consult with business unit to assess security needs, identify gaps, and develop risk mitigation ...
Summary Statement The Senior IT Security Risk Analyst is responsible for leading the organization's cybersecurity governance, risk, and compliance initiatives. This role drives the design ...
Summary Statement The Senior IT Security Risk Analyst is responsible for leading the organization's cybersecurity governance, risk, and compliance initiatives. This role drives the design ...
Summary Statement The Senior IT Security Risk Analyst is responsible for leading the organization's cybersecurity governance, risk, and compliance initiatives. This role drives the design ...
Summary Statement The Senior IT Security Risk Analyst is responsible for leading the organization's cybersecurity governance, risk, and compliance initiatives. This role drives the design ...
Summary Statement The Senior IT Security Risk Analyst is responsible for leading the organization's cybersecurity governance, risk, and compliance initiatives. This role drives the design ...
Summary Statement The Senior IT Security Risk Analyst is responsible for leading the organization's cybersecurity governance, risk, and compliance initiatives. This role drives the design ...
Summary Statement The Senior IT Security Risk Analyst is responsible for leading the organization's cybersecurity governance, risk, and compliance initiatives. This role drives the design ...
Summary Statement The Senior IT Security Risk Analyst is responsible for leading the organization's cybersecurity governance, risk, and compliance initiatives. This role drives the design ...
Senior Cybersecurity Liaison | Hybrid | Full-Time
Detroit, MI · Hybrid
$99K - $127K/yr
GENERAL SUMMARY: The Sr. Cybersecurity Liaison is the primary point of contact between the ... Consult with business unit to assess security needs, identify gaps, and develop risk mitigation ...
Senior Cybersecurity Liaison | Hybrid | Full-Time
Detroit, MI · Hybrid
$99K - $127K/yr
GENERAL SUMMARY: The Sr. Cybersecurity Liaison is the primary point of contact between the ... Consult with business unit to assess security needs, identify gaps, and develop risk mitigation ...
The Cybersecurity Risk Coordinator reports to the Manager of Cybersecurity Risk Services. This ... Can conform to shifting priorities, demands and timelines through analytical and problem-solving ...
The Cybersecurity Risk Coordinator reports to the Manager of Cybersecurity Risk Services. This ... Can conform to shifting priorities, demands and timelines through analytical and problem-solving ...
The Cybersecurity Risk Coordinator reports to the Manager of Cybersecurity Risk Services. This ... Can conform to shifting priorities, demands and timelines through analytical and problem-solving ...
The Cybersecurity Risk Coordinator reports to the Manager of Cybersecurity Risk Services. This ... Can conform to shifting priorities, demands and timelines through analytical and problem-solving ...
The Cybersecurity Risk Coordinator reports to the Manager of Cybersecurity Risk Services. This ... Can conform to shifting priorities, demands and timelines through analytical and problem-solving ...
The Cybersecurity Risk Coordinator reports to the Manager of Cybersecurity Risk Services. This ... Can conform to shifting priorities, demands and timelines through analytical and problem-solving ...
Vice President of Cybersecurity
Detroit, MI · On-site
$155K - $194K/yr
... risk, posture, and resilience • Advise executive leadership and the board on cybersecurity ... analysis • Ensure cybersecurity is embedded across product, infrastructure, and program ...
Vice President of Cybersecurity
Detroit, MI · On-site
$155K - $194K/yr
... risk, posture, and resilience • Advise executive leadership and the board on cybersecurity ... analysis • Ensure cybersecurity is embedded across product, infrastructure, and program ...
Senior Cyber Security Analyst
Wixom, MI · On-site
$95K - $123K/yr
Summary The Senior Cyber Security Analyst serves as a senior, hands-on technical resource, owning security investigations and incident response from detection through root cause analysis and ...
Senior Cyber Security Analyst
Wixom, MI · On-site
$95K - $123K/yr
Summary The Senior Cyber Security Analyst serves as a senior, hands-on technical resource, owning security investigations and incident response from detection through root cause analysis and ...
Senior Cyber Security Analyst
Wixom, MI · On-site
$95K - $123K/yr
Summary The Senior Cyber Security Analyst serves as a senior, hands-on technical resource, owning security investigations and incident response from detection through root cause analysis and ...
Quick apply
Senior Cyber Security Analyst
Wixom, MI · On-site
$95K - $123K/yr
Summary The Senior Cyber Security Analyst serves as a senior, hands-on technical resource, owning security investigations and incident response from detection through root cause analysis and ...
Senior Cybersecurity Vulnerability Management Engineer
Warren, MI · On-site
$107K - $147K/yr
As a Senior Cybersecurity Vulnerability Engineer, you will serve as a highly capable individual ... risk. * Apply threat intelligence and exploitability analytics, including exposure context, attack ...
Senior Cybersecurity Vulnerability Management Engineer
Warren, MI · On-site
$107K - $147K/yr
As a Senior Cybersecurity Vulnerability Engineer, you will serve as a highly capable individual ... risk. * Apply threat intelligence and exploitability analytics, including exposure context, attack ...
Senior Cybersecurity Vulnerability Management Engineer
$107K - $147K/yr
As a Senior Cybersecurity Vulnerability Engineer, you will serve as a highly capable individual ... risk. * Apply threat intelligence and exploitability analytics, including exposure context, attack ...
Senior Cybersecurity Vulnerability Management Engineer
$107K - $147K/yr
As a Senior Cybersecurity Vulnerability Engineer, you will serve as a highly capable individual ... risk. * Apply threat intelligence and exploitability analytics, including exposure context, attack ...
Cyber Risk Senior Associate
Detroit, MI · On-site
$55 - $60/hr
Must have: • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a ... As a Cyber Risk Senior Associate, you will get the opportunity to contribute to our clients ...
Quick apply
Cyber Risk Senior Associate
Detroit, MI · On-site
$55 - $60/hr
Must have: • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a ... As a Cyber Risk Senior Associate, you will get the opportunity to contribute to our clients ...
OnSite Cybersecurity Custodian Job Details | Black & Veatch Family of Companies
Ann Arbor, MI · On-site
$97K - $126K/yr
Supported andledby BV Senior Cybersecurity Consultants, this individual will be the day-to-day on ... Establish consistent cyber processes on-site that improve repeatability and reduce risk. Management ...
OnSite Cybersecurity Custodian Job Details | Black & Veatch Family of Companies
Ann Arbor, MI · On-site
$97K - $126K/yr
Supported andledby BV Senior Cybersecurity Consultants, this individual will be the day-to-day on ... Establish consistent cyber processes on-site that improve repeatability and reduce risk. Management ...
We are seeking a Senior Cyber Security Engineer to lead security enablement and automation for ... Conduct risk assessments and help implement appropriate controls * Improve onboarding quality ...
We are seeking a Senior Cyber Security Engineer to lead security enablement and automation for ... Conduct risk assessments and help implement appropriate controls * Improve onboarding quality ...
Senior Cyber Security Risk Analyst information
What are the key skills and qualifications needed to thrive as a Senior Cyber Security Risk Analyst, and why are they important?
What is the difference between Senior Cyber Security Risk Analyst vs Cyber Security Risk Analyst?
| Aspect | Senior Cyber Security Risk Analyst | Cyber Security Risk Analyst |
|---|---|---|
| Certifications | CCSP, CISSP, CISA | CCSP, CISSP, CISA |
| Work Environment | More strategic, leadership roles, mentoring | Operational, technical risk assessments |
| Responsibilities | Oversees risk management programs, policy development | Performs risk assessments, vulnerability analysis |
The main difference lies in experience and scope. Senior Cyber Security Risk Analysts typically handle strategic planning and leadership, while Cyber Security Risk Analysts focus on technical risk assessments. Both roles require similar certifications and work within the same industry environment, but the senior position involves more oversight and decision-making responsibilities.
How much does a cybersecurity risk analyst make?
How does a Senior Cyber Security Risk Analyst typically collaborate with other departments to manage organizational risks?
What does a Senior Cyber Security Risk Analyst do?
Can you make $200,000 in cyber security?
Can you make $500,000 a year in cyber security?
Is 25 too late for cyber security?
UFP Industries rating
7.3
Based on 87 frontline employees who took The Breakroom Quiz
310th of 527 rated manufacturers
Job description
Job Summary
The Sr. Cybersecurity Risk Analyst is responsible for leading and maturing the organization's cybersecurity risk management program. This role is accountable for identifying, assessing, and communicating cybersecurity risks across the enterprise, while driving alignment with regulatory requirements, including CMMC. The position will play a key role in building and maintaining the enterprise risk register, developing a third-party risk management program, and partnering with IT teams to establish and maintain secure standards and practices.
The ideal candidate combines strong analytical skills with practical experience in governance, risk, and compliance, and can translate technical risk into actionable business decisions.
Location: Onsite out of our Grand Rapids, MI office.
Work Authorization: Applicants must be currently authorized to work.
Principal Duties and Responsibilities
Risk Management and Governance
Lead the development and ongoing maintenance of the enterprise cybersecurity risk register, including risk identification, classification, ownership, and tracking.
Conduct and lead risk assessments for systems, applications, projects, and business initiatives.
Develop and implement risk management processes, methodologies, and reporting metrics.
Facilitate risk review sessions with business and IT stakeholders to ensure accountability and transparency.
Develop and track risk mitigation and remediation plans to closure.
Regulatory Compliance (CMMC and Related Frameworks)
Support and maintain the organization's CMMC compliance program, including control mapping, evidence collection, and audit readiness.
Partner with internal stakeholders (IT, Legal, HR, Plant Operations) to ensure alignment with CMMC and other regulatory requirements.
Assist in preparing documentation and responses for assessments, audits, and regulatory inquiries.
Monitor evolving compliance requirements and translate them into actionable internal controls.
Third-Party Risk Management
Develop and mature a third-party cybersecurity risk management program.
Conduct security risk assessments of vendors, SaaS providers, Software, and external partners.
Evaluate vendor security posture, shared responsibility models, and contractual security requirements.
Partner with procurement and legal teams to integrate security requirements into vendor onboarding and contracting processes.
Security Standards and IT Partnership
Collaborate with IT and engineering teams to develop, implement, and maintain cybersecurity standards and secure configuration baselines.
Ensure security requirements are embedded into system design, architecture, and operational processes.
Provide risk-based guidance on system hardening, segmentation, and control implementation.
Support the development of policies, standards, and procedures that are practical, enforceable, and auditable.
Reporting and Communication
Communicate risk findings, trends, and recommendations to technical and non-technical stakeholders, including leadership.
Develop reporting for executive audiences, including risk summaries, metrics, and program maturity updates.
Support audit committee and leadership reporting as needed.
Continuous Improvement
Stay current on cybersecurity threats, regulatory changes, and industry best practices.
Identify opportunities to improve risk visibility, coverage, and program efficiency.
Mentor junior analysts and contribute to the maturity of the GRC function.
Qualifications
Required
Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience).
5+ years of experience in cybersecurity risk, governance, or compliance roles.
Experience building or maintaining a cybersecurity risk register and risk management processes.
Strong understanding of security frameworks (e.g., NIST, CMMC, ISO 27001).
Experience conducting third-party/vendor risk assessments.
Strong analytical, problem-solving, and risk evaluation skills.
Ability to translate technical risks into business impact.
Strong written and verbal communication skills.
Preferred
Experience supporting CMMC assessments or similar regulatory compliance programs.
Familiarity with manufacturing or operational technology (OT) environments.
Experience developing security standards or working closely with infrastructure and engineering teams.
Professional certifications such as CISSP, CISM, CRISC, or similar.
The Company is an Equal Opportunity Employer.
What UFP Industries employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom
About UFP Industries
Sourced by ZipRecruiter
Universal Forest Products, Inc., is a U.S.-based global corporation that finds reward in its roots and its hard-earned success. Founded in 1955 as a supplier of lumber to the manufactured housing industry, Universal today is a multibillion-dollar holding company with subsidiaries around the globe that serve three robust markets: retail, industrial and construction. Since 1993, Universal has been publicly traded (Nasdaq: UFPI). We re headquartered in Grand Rapids, Michigan.
Industry
Wood product manufacturing
Company size
10,000+ Employees
Headquarters location
Grand Rapids, MI, US
Year founded
1955