Cyber Risk Analyst

Posted 3 Days Ago
Mount Pleasant, SC, USA
In-Office
Junior
Logistics • Transportation
The Role
Support cyber risk management by assessing vulnerabilities, triaging alerts, supporting incident response, collaborating with stakeholders, maintaining risk documentation, recommending security improvements, and reporting risk to technical and executive audiences.
Summary Generated by Built In
Company Description

The South Carolina Ports Authority (SCPA) owns and operates public seaport and intermodal facilities in Charleston, Dillon, and Greer. Our 600+ employees handle cargo, operate and maintain cargo handling equipment, manage port facilities and operations, and support the port system in a fast-paced 24/7 environment.

Job Description

Job Summary

The Cyber Risk Analyst supports the General Manager of Information Security by identifying, assessing, reducing, monitoring, and reporting cybersecurity risk. The role helps protect systems, data, users, applications, vendors, infrastructure, and business operations from ransomware, credential compromise, business email compromise, data loss, third-party compromise, cloud/SaaS exposure, and operational disruption.The analyst performs risk and vulnerability assessments, reviews threat intelligence, triages security alerts, supports incident response, documents findings, and translates technical issues into practical risk recommendations for business, technical, and executive audiences.

Essential Job Responsibilities

Execute cyber risk, vulnerability management, security monitoring, governance, and incident response support activities.

Perform risk and vulnerability assessments of networks, systems, applications, cloud/SaaS services, vendors, and business processes, prioritizing findings by exploitability, asset criticality, business impact, threat intelligence, and compensating controls.

Collaborate with business owners, application owners, IT teams, vendors, and operational stakeholders throughout the technology lifecycle.

Maintain risk documentation, support control reviews, track exceptions, assist audits, and prepare management reporting.

Triage alerts, gather evidence, escalate suspected incidents, support investigations, and recommend corrective actions.

Analyze vulnerability data, threat intelligence, network activity, endpoint activity, identity events, and related telemetry for risk or compromise indicators.

Support the development, maintenance, and testing of incident response, disaster recovery, business continuity, backup, and emergency response procedures.

Recommend improvements to security controls, monitoring, processes, documentation, training, and risk reduction activities.

Maintain current knowledge of cybersecurity threats, vulnerabilities, technologies, regulatory expectations, and industry best practices.

Prepare clear summaries, dashboards, risk statements, and recommendations for technical, managerial, and executive audiences.

Additional Job Responsibilities

Perform other appropriate duties as assigned. This description does not state or imply that these are the only duties required of the employee.

 

Qualifications

Minimum Qualifications

Education and Experience

Bachelor’s degree in computer science, Cybersecurity, Information Technology, Information Systems, Risk Management, or a related field; or at least two years of relevant experience in IT, cybersecurity, cyber risk, security operations, audit, or compliance.

Working knowledge of logical and physical security for applications, infrastructure, networks, endpoints, cloud/SaaS services, identity systems, facilities, and operational environments.

Current relevant cybersecurity or risk credential, or ability to obtain one within a defined period after hire. Examples include Security+, CySA+, GSEC, GCIH, GCIA, CISSP, SSCP, CISA, CISM, CRISC, CEH, OSCP, GPEN, or similar certification.

Skills and Abilities

Understanding of cybersecurity risk management, including risk identification, likelihood, impact, mitigation, acceptance, remediation tracking, and reporting.

Understanding of common cyber tactics, techniques, and procedures and related preventive, detective, responsive, and corrective controls.

Understanding of vulnerability management, including scanning, validation, prioritization, remediation, exception handling, and reporting.

Understanding of identity and access management, including authentication, authorization, privileged access, multifactor authentication, account lifecycle management, and least privilege.

Understanding of encryption fundamentals, PKI, certificate management, key management, and common cryptographic implementation weaknesses.

Demonstrated ability to use approved artificial intelligence tools responsibly for cybersecurity analysis, documentation, automation, reporting, and decision support, including validating outputs, protecting sensitive information, recognizing AI-related security risks, and following organizational AI use policies.

Strong analytical, interpersonal, written, and verbal communication skills, including the ability to document findings and communicate effectively with technical and non-technical stakeholders.

Ability to handle sensitive, confidential, and security-relevant information with discretion, integrity, and sound judgment.

Preferred Qualifications

Experience implementing, supporting, or using a vulnerability management platform and risk-based remediation process.

Experience with SIEM, EDR, network monitoring, threat intelligence, ticketing, asset inventory, or security orchestration tools or processes.

Experience with third-party risk management, vendor reviews, security questionnaires, contract security requirements, or supply chain risk assessment.

Experience with cloud, SaaS, or Microsoft 365 security, including secure configuration, identity controls, data protection, logging, and monitoring.

Experience with penetration testing, ethical hacking, adversary emulation, or security validation.

Familiarity with NIST CSF, CIS Controls, MITRE ATT&CK, CISA guidance, or similar cybersecurity frameworks.

Additional Information

SC Ports Authority is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race; creed; color; religion; alienage or national origin; ancestry; citizenship status; age; disability or handicap; sex; pregnancy, childbirth or related medical condition; marital status; veteran status; sexual orientation; gender identity; genetic information; arrest record; or any other characteristic protected by applicable federal, state or local laws.  Our management team is dedicated to this policy with respect to recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, employee activities and general treatment during employment.

All your information will be kept confidential according to EEO guidelines.

Skills Required

  • Bachelor's degree in computer science, Cybersecurity, IT, Information Systems, Risk Management, or related field; or at least two years of relevant IT or cybersecurity experience
  • Working knowledge of logical and physical security for applications, infrastructure, networks, endpoints, cloud/SaaS services, identity systems, facilities, and operational environments
  • Current relevant cybersecurity or risk credential, or ability to obtain one within a defined period after hire (examples: Security+, CySA+, GSEC, GCIH, GCIA, CISSP, SSCP, CISA, CISM, CRISC, CEH, OSCP, GPEN)
  • Understanding of cybersecurity risk management (identification, likelihood, impact, mitigation, acceptance, remediation tracking, reporting)
  • Understanding of common cyber tactics, techniques, and procedures and related preventive, detective, responsive, and corrective controls
  • Understanding of vulnerability management including scanning, validation, prioritization, remediation, exception handling, and reporting
  • Understanding of identity and access management including authentication, authorization, privileged access, multifactor authentication, account lifecycle management, and least privilege
  • Understanding of encryption fundamentals, PKI, certificate management, key management, and common cryptographic implementation weaknesses
  • Demonstrated ability to use approved artificial intelligence tools responsibly for cybersecurity analysis, documentation, automation, reporting, and decision support
  • Strong analytical, interpersonal, written, and verbal communication skills; ability to document findings and communicate with technical and non-technical stakeholders
  • Ability to handle sensitive, confidential, and security-relevant information with discretion, integrity, and sound judgment
  • Experience implementing, supporting, or using a vulnerability management platform and risk-based remediation process
  • Experience with SIEM, EDR, network monitoring, threat intelligence, ticketing, asset inventory, or security orchestration tools or processes
  • Experience with third-party risk management, vendor reviews, security questionnaires, contract security requirements, or supply chain risk assessment
  • Experience with cloud, SaaS, or Microsoft 365 security including secure configuration, identity controls, data protection, logging, and monitoring
  • Experience with penetration testing, ethical hacking, adversary emulation, or security validation
  • Familiarity with NIST CSF, CIS Controls, MITRE ATT&CK, CISA guidance, or similar cybersecurity frameworks
Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
520 Employees
Year Founded: 1942

What We Do

The South Carolina Ports Authority is an economic development engine for the state, owning and operating public seaport facilities in Charleston and inland ports in Greer and Dillon. It is charged with promoting, developing, and maintaining the harbors and seaports within South Carolina, handling international commerce valued at over $75 billion annually to support statewide economic activity.

Similar Jobs

In-Office
4 Locations
8926 Employees
93K-155K Annually

Liberty Mutual Insurance Logo Liberty Mutual Insurance

Technical Director

Artificial Intelligence • Fintech • Insurance • Marketing Tech • Software • Analytics
Hybrid
8 Locations
40000 Employees
106K-183K Annually

Liberty Mutual Insurance Logo Liberty Mutual Insurance

Inside Sales Representative

Artificial Intelligence • Fintech • Insurance • Marketing Tech • Software • Analytics
Remote or Hybrid
13 Locations
40000 Employees
45K-85K Annually

Liberty Mutual Insurance Logo Liberty Mutual Insurance

Inside Sales Representative

Artificial Intelligence • Fintech • Insurance • Marketing Tech • Software • Analytics
Remote or Hybrid
10 Locations
40000 Employees
45K-85K Annually

Similar Companies Hiring

Blissway Thumbnail
Computer Vision • Fintech • Hardware • Internet of Things • Machine Learning • Software • Transportation
Denver, CO
24 Employees
Toro TMS Thumbnail
Cloud • Enterprise Web • Sales • Software • Transportation
Chicago, IL
80 Employees
Axle Health Thumbnail
Artificial Intelligence • Healthtech • Information Technology • Logistics
Santa Monica, CA
25 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account