onsite
Cybersecurity Risk Analyst II - Lower Colorado River Authority
Security Engineer
The Cybersecurity Risk Analyst II evaluates cyber risks, implements GRC controls, and ensures compliance with security frameworks such as NIST and ISO 27001 while supporting vulnerability management and incident response initiatives.
About the role
Key Responsibilities
- Identify, assess, and prioritize cyber risks across the organization’s information systems.
- Develop, maintain, and enforce Governance, Risk & Compliance (GRC) policies aligned with NIST, ISO 27001, and industry regulations.
- Conduct vulnerability assessments, coordinate remediation efforts, and track mitigation status.
- Support incident response activities, including root‑cause analysis and post‑incident reporting.
- Perform security audits and control testing to verify effectiveness of protective measures.
- Collaborate with IT, business units, and external partners to integrate security requirements into projects and processes.
Requirements
- 2+ years of experience in cybersecurity risk analysis, GRC, or related fields.
- Strong knowledge of security frameworks such as NIST CSF and ISO 27001.
- Hands‑on experience with vulnerability scanning tools and remediation tracking.
- Proven ability to conduct security audits and produce clear risk documentation.
- Excellent communication skills and the ability to work cross‑functionally.
Skills
- SIEM
- IAM
- Penetration testing