Cyber Security Risk Analyst
Company: Garmin International, Inc.
Posted on: May 3, 2021
We are looking for a full-time Cyber Security Risk Analyst for
our headquarters in the Greater Kansas City area. In this role, you
will be responsible for improving enterprise cyber security risk
posture through active engagement with IT, application and data
owners. The successful candidate will generate and champion new
ideas and initiatives striving for process and technology
improvements through the risk management function. Other essential
- Organize and maintain the cyber security risk portfolio within
Garmin's risk management system
- Work directly with application and data owners to drive
mitigation of known risk
- Define and implement risk ratings, models, and hierarchies to
identify the impact, severity and overall risk of
- Review red teaming results with key stakeholders, providing
scoring to prioritize remediation efforts.
- Track, measure, validate, and report on risk identification,
stakeholder notification, and remediation efforts.
- Assign a preliminary risk profile by identifying the
information security risk factors based on data classification,
design, and functional purpose and use.
- Determine if any compensating controls are necessary due to
inability to comply with the primary control requirements.
Facilitate and help determine compensating controls when
- Complete and present to Security management and business
sponsors a risk assessment evaluation articulating risk and impact
analysis when security controls cannot be met by an initiative to
ensure transparency and appropriate level of acceptance.
- Maintain Information Security policies, standards, procedures,
and technical security baselines as applicable
- Regularly contribute to management reports covering information
security risk treatment, mitigation, and risk metrics.
- Evaluate third-party risks resulting from the Company's
engagement or use of partners, vendors, suppliers, and technology
or data related products.
- Collaborate and build relationships with IT colleagues and core
business partners for continued security education and
- Participate in the strategy and day-to-day operations of the
risk management function within Garmin's cyber security
- Advise and consult with the team and stakeholders in the following
control areas: authentication, authorization, access
controls (network and user), secure transmission and storage,
encryption/key management, segmentation and network zoning, data
flows, third party access and connectivity and functional
- Other Duties as Assigned by Management.
Qualified candidates possess a Bachelor's Degree in Computer
Science, Information Technology, Management Information Systems,
Business or another relevant field AND a minimum of 5 years
relevant experience OR a Master of Science Degree in one of the
fields noted above AND a minimum of 3 years relevant experience.
Other requirements include:
- Strong understanding of industry frameworks and best practices
(ex. NIST, ISO, OWASP, CIS, etc.)
- Detailed understanding of network design, security protocols and
cloud integration security, with excellent analytical and
- Understanding of project management skills including design
review, threat modeling and risk profiling while working across a
large, distributed organization. Must apply the understanding to a
diverse IT community to include policy, regulations, and compliance
- Must be team-oriented with proven skills in influencing people
without having direct management authority and motivating them to
successfully mitigate risk within required timelines.
- Excellent communication skills including both verbal and
- Consistently demonstrates quality and effectiveness in work
documentation and organization
- The ideal candidate must be able to convey complex security
issues and risks while maintaining a positive relationship with key
- CISM, CISSP, PCIP, ISA, or equivalent certifications
Garmin International is an equal opportunity employer. Qualified
applicants will receive consideration for employment without regard
to race, religion, color, national origin, citizenship, sex, sexual
orientation, gender identity, veteran's status, age or