ZipRecruiter

Log In

1

Senior Cyber Security Risk Analyst Jobs in Michigan

UFP Industries

Sr. Cybersecurity Risk Analyst

Grand Rapids, MI · On-site

$96K - $124K/yr

UFP Industries is seeking a Sr. Cybersecurity Risk Analyst to lead and mature their cybersecurity risk management program. This role involves identifying and assessing cybersecurity risks, ensuring ...

Eccalon LLC

Vice President of Cybersecurity

Detroit, MI · Hybrid

$148K - $186K/yr

The Vice President of Cybersecurity serves as Eccalon's senior-most cybersecurity executive ... Governance, Risk & Compliance (GRC) * Lead cybersecurity compliance efforts for government and ...

Kla

Cybersecurity Analyst - Insider Risk

Ann Arbor, MI · On-site

$70K - $119K/yr

We are seeking a qualified Insider Risk Analyst to join our Digital Information Risk team. In this ... Cybersecurity certifications such as Certification in Certified Information Systems Security ...

SmartIPlace

Cyber Risk Senior Associate

Detroit, MI · On-site

$55 - $60/hr

Must have: • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a ... As a Cyber Risk Senior Associate, you will get the opportunity to contribute to our clients ...

Eccalon LLC

Cyber Expert

Detroit, MI

Serve as a senior Cyber SME across compliance, architecture, and risk domains * Lead cybersecurity assessments, gap analyses, and risk evaluations * Provide expert recommendations to executives and ...

next page

Showing results 1-20

All JobsSenior Cyber Security Risk Analyst JobsSenior Cyber Security Risk Analyst Jobs in Michigan

Senior Cyber Security Risk Analyst information

What are the key skills and qualifications needed to thrive as a Senior Cyber Security Risk Analyst, and why are they important?

To thrive as a Senior Cyber Security Risk Analyst, you need in-depth knowledge of risk assessment methodologies, cyber security frameworks (such as NIST or ISO 27001), and a strong background in IT or computer science, often supported by a bachelor's degree and relevant certifications. Familiarity with risk management tools, vulnerability scanning platforms, and security information and event management (SIEM) systems is typically required. Strong analytical thinking, communication skills, and the ability to influence stakeholders are critical soft skills for excelling in this role. These competencies help ensure organizations can proactively identify, assess, and mitigate security risks, thereby protecting sensitive assets and maintaining compliance.

What is the difference between Senior Cyber Security Risk Analyst vs Cyber Security Risk Analyst?

AspectSenior Cyber Security Risk AnalystCyber Security Risk Analyst
CertificationsCCSP, CISSP, CISACCSP, CISSP, CISA
Work EnvironmentMore strategic, leadership roles, mentoringOperational, technical risk assessments
ResponsibilitiesOversees risk management programs, policy developmentPerforms risk assessments, vulnerability analysis

The main difference lies in experience and scope. Senior Cyber Security Risk Analysts typically handle strategic planning and leadership, while Cyber Security Risk Analysts focus on technical risk assessments. Both roles require similar certifications and work within the same industry environment, but the senior position involves more oversight and decision-making responsibilities.

How does a Senior Cyber Security Risk Analyst typically collaborate with other departments to manage organizational risks?

A Senior Cyber Security Risk Analyst often works closely with IT, compliance, legal, and business units to assess and mitigate cybersecurity risks across the organization. This collaboration involves conducting risk assessments, sharing findings with relevant stakeholders, and developing strategies to address vulnerabilities. Effective communication and teamwork are essential, as the analyst must translate technical risks into business impacts and ensure all departments understand their roles in risk management. Regular meetings and cross-functional projects are common, fostering a proactive security culture throughout the organization.

What does a Senior Cyber Security Risk Analyst do?

A Senior Cyber Security Risk Analyst is responsible for identifying, assessing, and mitigating potential cybersecurity threats to an organization. They analyze security risks, develop strategies to protect sensitive data, and ensure compliance with industry regulations and best practices. Their role often involves conducting risk assessments, recommending security improvements, and collaborating with IT and business teams to strengthen the organization's overall cybersecurity posture.
What are the most commonly searched types of Cyber Security Risk Analyst jobs in Michigan? The most popular types of Cyber Security Risk Analyst jobs in Michigan are:
What are popular job titles related to Senior Cyber Security Risk Analyst jobs in Michigan? For Senior Cyber Security Risk Analyst jobs in Michigan, the most frequently searched job titles are:
What job categories do people searching Senior Cyber Security Risk Analyst jobs in Michigan look for? The top searched job categories for Senior Cyber Security Risk Analyst jobs in Michigan are:
What cities in Michigan are hiring for Senior Cyber Security Risk Analyst jobs? Cities in Michigan with the most Senior Cyber Security Risk Analyst job openings:
Senior Cyber Security Risk Analyst jobs near you
Sr. Cybersecurity Risk Analyst

Sr. Cybersecurity Risk Analyst

UFP Industries

Grand Rapids, MI • On-site

Full-time

Posted 6 days ago

UFP Industries rating

7.2

Company rating: 7.2 out of 10

Based on 83 frontline employees who took The Breakroom Quiz

333rd of 518 rated manufacturers

Job description

Job Summary
The Sr. Cybersecurity Risk Analyst is responsible for leading and maturing the organization's cybersecurity risk management program. This role is accountable for identifying, assessing, and communicating cybersecurity risks across the enterprise, while driving alignment with regulatory requirements, including CMMC. The position will play a key role in building and maintaining the enterprise risk register, developing a third-party risk management program, and partnering with IT teams to establish and maintain secure standards and practices.
The ideal candidate combines strong analytical skills with practical experience in governance, risk, and compliance, and can translate technical risk into actionable business decisions.
Location: Onsite out of our Grand Rapids, MI office.
Work Authorization: Applicants must be currently authorized to work.
Principal Duties and Responsibilities
Risk Management and Governance
  • Lead the development and ongoing maintenance of the enterprise cybersecurity risk register, including risk identification, classification, ownership, and tracking.
  • Conduct and lead risk assessments for systems, applications, projects, and business initiatives.
  • Develop and implement risk management processes, methodologies, and reporting metrics.
  • Facilitate risk review sessions with business and IT stakeholders to ensure accountability and transparency.
  • Develop and track risk mitigation and remediation plans to closure.

Regulatory Compliance (CMMC and Related Frameworks)
  • Support and maintain the organization's CMMC compliance program, including control mapping, evidence collection, and audit readiness.
  • Partner with internal stakeholders (IT, Legal, HR, Plant Operations) to ensure alignment with CMMC and other regulatory requirements.
  • Assist in preparing documentation and responses for assessments, audits, and regulatory inquiries.
  • Monitor evolving compliance requirements and translate them into actionable internal controls.

Third-Party Risk Management
  • Develop and mature a third-party cybersecurity risk management program.
  • Conduct security risk assessments of vendors, SaaS providers, Software, and external partners.
  • Evaluate vendor security posture, shared responsibility models, and contractual security requirements.
  • Partner with procurement and legal teams to integrate security requirements into vendor onboarding and contracting processes.

Security Standards and IT Partnership
  • Collaborate with IT and engineering teams to develop, implement, and maintain cybersecurity standards and secure configuration baselines.
  • Ensure security requirements are embedded into system design, architecture, and operational processes.
  • Provide risk-based guidance on system hardening, segmentation, and control implementation.
  • Support the development of policies, standards, and procedures that are practical, enforceable, and auditable.

Reporting and Communication
  • Communicate risk findings, trends, and recommendations to technical and non-technical stakeholders, including leadership.
  • Develop reporting for executive audiences, including risk summaries, metrics, and program maturity updates.
  • Support audit committee and leadership reporting as needed.

Continuous Improvement
  • Stay current on cybersecurity threats, regulatory changes, and industry best practices.
  • Identify opportunities to improve risk visibility, coverage, and program efficiency.
  • Mentor junior analysts and contribute to the maturity of the GRC function.

Qualifications
Required
  • Bachelor's degree in Information Security, Computer Science, or related field (or equivalent experience).
  • 5+ years of experience in cybersecurity risk, governance, or compliance roles.
  • Experience building or maintaining a cybersecurity risk register and risk management processes.
  • Strong understanding of security frameworks (e.g., NIST, CMMC, ISO 27001).
  • Experience conducting third-party/vendor risk assessments.
  • Strong analytical, problem-solving, and risk evaluation skills.
  • Ability to translate technical risks into business impact.
  • Strong written and verbal communication skills.

Preferred
  • Experience supporting CMMC assessments or similar regulatory compliance programs.
  • Familiarity with manufacturing or operational technology (OT) environments.
  • Experience developing security standards or working closely with infrastructure and engineering teams.
  • Professional certifications such as CISSP, CISM, CRISC, or similar.

The Company is an Equal Opportunity Employer.

What UFP Industries employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom

UFP Industries logo

About UFP Industries

Sourced by ZipRecruiter

Universal Forest Products, Inc., is a U.S.-based global corporation that finds reward in its roots and its hard-earned success. Founded in 1955 as a supplier of lumber to the manufactured housing industry, Universal today is a multibillion-dollar holding company with subsidiaries around the globe that serve three robust markets: retail, industrial and construction. Since 1993, Universal has been publicly traded (Nasdaq: UFPI). We re headquartered in Grand Rapids, Michigan.

Industry

Wood product manufacturing

Company size

10,000+ Employees

Headquarters location

Grand Rapids, MI, US

Year founded

1955

Social media

Facebook

View All UFP Industries Jobs

Apply