DPI Associate Cybersecurity Risk Analyst

At UL, we know why we come to work. 

Thousands of us around the world wake up every day with a common purpose: to make the world a safer, more secure, and sustainable place. Science is in our DNA; we are endlessly curious and passionate about seeking and speaking the truth. We take delight in knowing that our work makes a meaningful contribution to society, and we are proud that our culture is centered on integrity, collaboration, inclusion, and excellence. UL stands at the forefront of technological advancement, and we are continually challenged to find new ways to foster innovation and positive change. Satisfying? Yes. Exciting? Absolutely! 

The Associate Cybersecurity Risk Analyst will be responsible for identifying, analyzing, reporting, and influencing the management of information risks across the organization. The candidate will also be accountable for helping ensure that his or her organization’s vendor ecosystem is properly evaluated, assessed, and managed to minimize risk exposure and risk impacts to the business.  

What You’Ll Learn & Achieve:

Associate Cybersecurity Risk Analyst candidates will be evaluated based on their ability to perform the duties listed above while demonstrating the skills and competencies necessary to be highly effective in the role. These skills and competencies include:  

• Assist with focused information risk assessments of existing or new services and technologies, along with business counterparts.  
• Communicates risk assessment findings to team owners and custodians of information risk “business partners,” or information governance teams and information security teams.  
• Provides consultative advice to information governance or security teams that enables them to suggest informed risk management decisions.  
• Helps to identify and facilitate the implementation of appropriate controls to effectively manage information risks as needed.  
• Helping to identify opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.  
• Able to coordinate other risk management activities (e.g., Exception Management Process, Vulnerabilities Management, etc., with relevant stakeholders. 
• Experience in coordinating and executing vendor risk management lifecycle (frameworks, policies, and processes), including performing detailed risk-based assessments and responding to external customers security assessments. 
• Experience in reviewing contractual agreements’ (Master Service Agreements) Cybersecurity requirements and making relevant inputs as required with key stakeholders (e.g., Legal,). 
• Understands and applies relevant regulatory and legal compliance requirements  

What makes you a great fit:  

• BS or MA in Business, Computer Science, Information Security, or successful completion of the DPI career development program. 
• [2+] years of work experience in information security, especially in an information senior cybersecurity risk role 
• [2+] years of experience in managing risk and compliance issues, or similar experience managing applications, projects or systems that require identification, evaluation, and remediation of risk  
• Technical background or demonstrable understanding of a range of operational and IT risks and operations 
• Strong business background; experience gathering and interpreting risks and associated impacts in the context of financial and operational concerns  
• Strong understanding of complex vendor risk-related issues through demonstrated experience managing vendor relationships, information security or regulatory compliance programs, and audits  
• [4+] years of experience with regulatory compliance and information security management frameworks (e.g., International Organization for Standardization [IS0] 27000, COBIT, National Institute of Standards and Technology [NIST] 800)  

Total Rewards: We understand compensation is an important factor as you consider the next step in your career. The estimated salary range for this position is $65,000-$70,0000 and is based on multiple factors, including job-related knowledge/skills, experience, geographical location, as well as other factors. This position is eligible for annual bonus compensation with a target payout of 5% of the base salary. This position also provides health benefits such as medical, dental and vision; wellness benefits such as mental and financial health; and retirement savings (401K) commensurate with the standard rewards offered in each individual location or country. We also provide full-time employees with paid time off including vacation (15 days), holiday including floating holidays (12 days) and sick time off (72 hours). 

Learn More:

Working at UL Solutions is an exciting journey that twists and turns daily. We thrive in the twists and revel in the turns. This is our every day. This is our normal. Curious? To learn more about us and the work we do, visit UL.com 

A global leader in applied safety science, UL Solutions (NYSE: ULS) transforms safety, security and sustainability challenges into opportunities for customers in more than 110 countries. UL Solutions delivers testing, inspection and certification services, together with software products and advisory offerings, that support our customers’ product innovation and business growth. The UL Mark serves as a recognized symbol of trust in our customers’ products and reflects an unwavering commitment to advancing our safety mission. We help our customers innovate, launch new products and services, navigate global markets and complex supply chains, and grow sustainably and responsibly into the future. Our science is your advantage.