CrawlJobs Logo

Senior Cybersecurity Risk & Compliance Analyst

kennametal.com Logo

Kennametal

Location Icon

Location:
India , Bangalore

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Senior Cybersecurity Risk & Compliance Analyst is responsible for executing and maintaining Kennametal’s enterprise cybersecurity risk management and compliance monitoring activities. This role leads structured cyber risk assessments, supports information classification and protection programs, and monitors the effectiveness of risk mitigation activities. The role operates as a senior individual contributor and works closely with IT, Security Engineering, Legal, Privacy, and business stakeholders to ensure cybersecurity risks are identified, analyzed, documented, and communicated in alignment with regulatory and business requirements.

Job Responsibility:

  • Lead structured cybersecurity risk assessments across business, IT, and OT environments
  • Perform qualitative and quantitative risk analysis using recognized methodologies (e.g., NIST 800-30, FAIR, OCTAVE)
  • Maintain cybersecurity risk register entries, including risk statements, impact analysis, likelihood assessments, and remediation tracking
  • Monitor and report the status and effectiveness of risk mitigation plans
  • Develop and present cybersecurity risk status metrics and summaries for leadership review
  • Serve as a subject-matter expert for cybersecurity risk identification and treatment guidance
  • Identify confidentiality, integrity, and availability (CIA) requirements for information assets
  • Support Kennametal’s information classification and data protection programs
  • Provide risk-based input into data protection controls, including Data Loss Prevention (DLP) strategies
  • Advise stakeholders on appropriate handling, labeling, and protection of sensitive data
  • Research and investigate laws and compliance requirements related to information security, including data privacy, data protection, and data breach disclosure
  • Support internal and external audit activities by providing risk and control documentation
  • Assist in mapping cybersecurity risks to compliance obligations and control frameworks
  • Track compliance-related remediation actions and report status to stakeholders
  • Act as a trusted advisor to business and IT stakeholders on cybersecurity risk topics
  • Collaborate with SOC, IT Operations, Security Engineering, Legal, Privacy, and Third-Party Risk teams
  • Translate technical cybersecurity risks into business-impact language for non-technical audiences

Requirements:

  • Bachelor’s degree in information security, Information Systems, Computer Science, or related field
  • 5–8 years of experience in cybersecurity risk management, GRC, or enterprise risk roles
  • Demonstrated hands-on experience conducting formal cybersecurity risk assessments
  • Working knowledge of major cybersecurity frameworks (NIST RMF, NIST CSF, ISO 27001)
  • Strong written and verbal communication skills with the ability to brief technical and non-technical audiences

Nice to have:

  • Experience working in a global enterprise environment
  • Exposure to data privacy and regulatory compliance (GDPR, U.S. breach laws, SOX)
  • Familiarity with IT service management concepts (ITIL)
  • Experience with enterprise risk management programs or GRC platforms
  • CISSP, CISM, CRISC, or similar certification

Additional Information:

Job Posted:
January 08, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Kennametal - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Cybersecurity Risk & Compliance Analyst

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will play a vita...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels
Job Responsibility
Job Responsibility
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products
  • Fulltime
Read More
Arrow Right

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will contribute ...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels.
Job Responsibility
Job Responsibility
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan.
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products.
  • Fulltime
Read More
Arrow Right

Third-Party Risk Analyst

As a Third-Party Risk Analyst, you will be responsible for evaluating, monitorin...
Location
Location
United States , Baltimore
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Risk, Business, Business Technology, Cybersecurity, or a related field
  • 2+ years of experience in third-party risk management, vendor management, procurement, internal audit
  • Strong understanding of third-party risk management principles, methodologies, and best practices
  • Detail-oriented and organized, with the ability to manage multiple priorities and deadlines in a fast-paced environment
  • Proficiency in using risk management tools, software, and technologies to support third-party risk assessment and monitoring activities
  • Excellent analytical, problem-solving, and critical-thinking skills, with the ability to assess complex situations and make informed risk-based decisions
  • Effective communication and interpersonal skills, with the ability to collaborate with stakeholders at all levels of the organization
Job Responsibility
Job Responsibility
  • Conduct comprehensive risk assessments of third-party vendors and service providers
  • Review and analyze third-party contracts, agreements, and security documentation
  • Develop and implement risk mitigation strategies and action plans
  • Monitor and track third-party risk indicators
  • Collaborate with internal audit, compliance, and information security teams
  • Collaborate with procurement, legal, and business units
  • Conduct periodic reviews and audits of third-party vendors
  • Provide regular reporting and updates to senior management, the board of directors, and other stakeholders
  • Stay informed about industry trends, emerging risks, and best practices in third-party risk management
What we offer
What we offer
  • Medical, vision, dental, and life and disability insurance
  • Eligibility to enroll in company 401(k) plan
  • Fulltime
Read More
Arrow Right

Junior IT Risk Analyst

The IT Risk Analyst, based in Barcelona, plays a key role in supporting excellen...
Location
Location
Spain , Barcelona
Salary
Salary:
Not provided
https://www.allianz.com Logo
Allianz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Mathematics, Statistics, Computer Science, Engineering, Business, or related field
  • 1-2 years of experience in IT risk management, IT audit, IT Consultancy, IT Advisory or a related field
  • Basic understanding of IT Governance and IT Risk Management Frameworks (e.g., COBIT2019, ISO27001, ISF, etc.)
  • Basic understanding of regulatory requirements (e.g., DORA, GDPR, etc.)
  • Strong analytical and problem-solving skills
  • Fluent in English
  • German is a plus.
Job Responsibility
Job Responsibility
  • Assist in conducting regular risk assessments to identify potential IT threats and vulnerabilities
  • Help in analyzing the impact and likelihood of risks
  • Gather and analyze data related to IT risks, incidents, and controls
  • Prepare reports and presentations for senior management
  • Support the monitoring of adherence to Group Risk policies and standards
  • Assist in ensuring transparent and effective identification of IT risks and respective remediation plans
  • Maintain detailed records of risk assessments, mitigation plans, and incidents
  • Assist in preparing quarterly and ad-hoc reports on the internal control system with a focus on IT processes
  • Work closely with other departments, such as IT, legal, compliance, and business units, to support a holistic approach to risk management
  • Assist in regular and ad-hoc touchpoints with Operating Entities
What we offer
What we offer
  • Hybrid work model with up to 25 days per year working from abroad
  • Company bonus scheme
  • Pension benefits
  • Employee shares program
  • Multiple employee discounts
  • Career development and digital learning programs
  • International career mobility
  • Flexible working
  • Health and wellbeing offers, including healthcare and parental leave benefits.
  • Fulltime
Read More
Arrow Right

Compliance Analyst

insightsoftware is seeking a detail-oriented and proactive Compliance Analyst to...
Location
Location
United States , Remote
Salary
Salary:
Not provided
insightsoftware.com Logo
insightsoftware
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in information security, Cybersecurity, Computer Science, Risk Management, Legal Studies, Business Administration, or related field
  • Minimum 3+ years of experience in compliance program management, risk management, or information security roles, preferably in regulated industries or technology companies
  • Demonstrated experience responding to third-party risk assessments, security audits, customer security questionnaires, RFPs, and compliance due diligence requests
  • Working knowledge of regulatory frameworks and standards (e.g., ISO 27001, SOC 2 (Type II), NIST, FedRAMP, CMMC, PCI DSS, GDPR, CCPA), trade control regulations (EAR, ITAR), anti-bribery/corruption laws (FCPA, UK Bribery Act), and data privacy principles
  • A strong knowledge of at least one regulatory framework governing matters pertaining to data privacy, cybersecurity, trade compliance, or third-party risk management
  • Experience with third-party screening tools and vendor risk management platforms
  • Familiarity with GRC or data protection management platforms (e.g., OneTrust, ServiceNowMetricStream)
Job Responsibility
Job Responsibility
  • Support the development, implementation, and maintenance of a global compliance program, including trade compliance, anti-bribery/corruption, anti-trust, and business ethics
  • Conduct secondary screening of third parties (vendors, partners, customers) , and assess potential matches against government watchlists of denied, debarred, sanctioned, or restricted parties to ensure compliance with applicable trade compliance, export control and sanctions regulations (e.g., U.S. Department of the Treasury Office of Foreign Assets Control ("OFAC"), U.S. Department of Commerce Bureau of Industry and Security ("BIS"), U.K. Office of Financial Sanctions Implementation ("OFSI"), European Union, and United Nations)
  • Assist with export classification determinations and licensing requirements for software products and services, including evaluation of Export Control Classification Numbers ("ECCNs")
  • Support the company's compliance with applicable data protection regulatory frameworks (e.g., GDPR, CCPA)
  • Support the Corporate Counsel, Data Privacy, AI, Cybersecurity with data protection initiatives and obligations including data mapping exercises, processing activity records, and privacy impact assessments, and coordinate responses to data subject access requests ("DSARs") and privacy-related inquiries
  • Support privacy management tools and platforms for consent management and privacy workflow automation
  • Partner with company counsel, InfoSec, and other stakeholders with compliance audits, data privacy questionnaires, and third-party risk assessment processes including vendor due diligence and ongoing monitoring
  • Support risk and control self-assessments ("RCSA"), audit management, and remediation tracking
  • Collaborate with stakeholders including the Chief Information Security Officer ("CISO") and the team to quantify, monitor, and report on security and compliance performance
  • Maintain GRC platforms (e.g., ServiceNow, Archer, MetricStream) to track compliance activities, risks, and controls
Read More
Arrow Right

Senior Trust Analyst

The Trust Engagement team is a globally distributed group of risk professionals ...
Location
Location
Salary
Salary:
Not provided
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-7+ years experience working with customers across Security, Governance, Risk and Compliance domain areas
  • Expertise to guide discussions about security and risk trade-offs
  • Customer facing or consulting engagement experience
  • Success with customer, executive, or board member briefings on strategy
  • Knowledge of security, compliance and privacy frameworks & standards (e.g., GDPR, HIPAA, SOC2, ISO27001, NIST 800-53, PCI-DSS)
  • Experience working with Regulatory Compliance, Global Privacy Programs, Cloud Security or related functions
  • Familiarity with large-scale enterprise SaaS platforms and challenges across security, privacy and compliance related to customer trust
  • Understanding of cybersecurity principles and their application in a SaaS context
  • Understanding infrastructure and delivery models of SaaS products
  • Proficient knowledge of cloud platforms (e.g., AWS, Azure, Google Cloud) and their services
Job Responsibility
Job Responsibility
  • Represent Atlassian with our customers to remove trust as a blocker for customer acquisition, customer migration, and long term customer retention
  • Be accountable for engaging in a variety of Atlassian customer facing initiatives. Your primary focus will involve helping our customers gain an understanding of Atlassian’s commitment to Trust by articulating our Security practices, Compliance posture, and Privacy measures
  • Manage complex customer security reviews & audits
  • Support legal in negotiating security and compliance terms & exhibits for Atlassian Customer Agreements
  • Represent the Voice of the Customer by identifying deal blockers and friction points to influence Security, Product & Engineering strategy in meeting customer expectations
  • Drive customer facing Trust collateral by publishing publicly facing materials, presentations, white papers
  • Provide security, compliance, and privacy education and training to internal partner teams in Sales, Product Marketing, Legal, etc.
  • Mentor team through technical leadership and knowledge sharing
What we offer
What we offer
  • health and wellbeing resources
  • paid volunteer days
Read More
Arrow Right

Senior GRC Analyst

We are seeking an experienced Senior Governance, Risk, and Compliance (GRC) Anal...
Location
Location
United States , Chicago
Salary
Salary:
90000.00 - 130000.00 USD / Year
blumeglobal.com Logo
Blume Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on experience in GRC, preferably with a focus on acquisition integration
  • Strong knowledge of regulatory compliance requirements, risk management frameworks, including ISO 27001, NIST
  • Experience with SOC1/2, GDPR, and privacy frameworks
  • Proficiency in information security tools, techniques, and controls
  • Experience with metrics and KPIs to measure and track information security risk
  • Ability to develop policies, standards, and guidelines
  • ISO27001:2022 Lead Implementer and lead auditor certifications are a must
  • CISA, CISM, CISSP, or CRISC certifications are desirable
  • Experience with GRC tools, such as Vanta, Archer, ServiceNow Risk modules is highly desirable
  • Exposure to CMMC/FedRAMP is highly desirable
Job Responsibility
Job Responsibility
  • Acquisition Assessment: Collaborate with cross-functional teams to assess the GRC landscape of newly acquired companies, identifying gaps and alignment opportunities
  • Integration Planning: Develop comprehensive integration plans tailored to each acquisition, ensuring alignment with the company's overarching GRC strategy
  • Risk Management: Evaluate and mitigate risks associated with integration processes, working closely with risk management teams
  • Policy and Procedure Harmonization: Bridge gaps between existing practices and those of acquired entities, harmonizing policies, procedures, and controls
  • Communication and Stakeholder Management: Effectively communicate integration plans and progress, fostering strong relationships with key stakeholders
  • Reporting and Documentation: Maintain accurate documentation of integration activities and generate insightful reports for senior management
  • Continuous Improvement: Identify areas for improvement and drive enhancements to the integration process
  • Customer Security Questionnaire Support: Collaborate with various teams to ensure accurate and comprehensive responses to customer security questionnaires
  • Fulltime
Read More
Arrow Right

Senior GRC Analyst

We are seeking an experienced Senior Governance, Risk, and Compliance (GRC) Anal...
Location
Location
United States , Chapel Hill
Salary
Salary:
Not provided
blumeglobal.com Logo
Blume Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on experience in GRC, preferably with a focus on acquisition integration
  • Strong knowledge of regulatory compliance requirements, risk management frameworks, including ISO 27001, NIST
  • Experience with SOC1/2, GDPR, and privacy frameworks
  • Proficiency in information security tools, techniques, and controls
  • Experience with metrics and KPIs to measure and track information security risk
  • Ability to develop policies, standards, and guidelines
  • ISO27001:2022 Lead Implementer, and lead auditor certifications are a must
  • CISA, CISM, CISSP, or CRISC certifications are desirable
  • Experience with GRC tools, such as Vanta, Archer, ServiceNow Risk modules is highly desirable
  • Exposure to CMMC/FedRAMP is highly desirable
Job Responsibility
Job Responsibility
  • Acquisition Assessment: Collaborate with cross-functional teams to assess the GRC landscape of newly acquired companies, identifying gaps and alignment opportunities
  • Integration Planning: Develop comprehensive integration plans tailored to each acquisition, ensuring alignment with the company's overarching GRC strategy
  • Risk Management: Evaluate and mitigate risks associated with integration processes, working closely with risk management teams
  • Policy and Procedure Harmonization: Bridge gaps between existing practices and those of acquired entities, harmonizing policies, procedures, and controls
  • Communication and Stakeholder Management: Effectively communicate integration plans and progress, fostering strong relationships with key stakeholders
  • Reporting and Documentation: Maintain accurate documentation of integration activities and generate insightful reports for senior management
  • Continuous Improvement: Identify areas for improvement and drive enhancements to the integration process
  • Customer Security Questionnaire Support: Collaborate with various teams to ensure accurate and comprehensive responses to customer security questionnaires
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy