Junior Cybersecurity Architect, GRC & Risk
CYE
Job Overview
Who's the hiring manager?
Sign up to PitchMeAI to discover the hiring manager's details for this job. We will also write them an intro email for you.
Job Description
About the Role: Junior Cybersecurity Architect, GRC & Risk
CYE is seeking a Junior Cybersecurity Architect, GRC & Risk to support governance, risk analysis, and security process design. This role focuses on translating security findings into structured mitigation plans and improving methodologies and frameworks, without requiring hands-on technical configuration.
You will work closely with CISOs, security leaders, engineering teams, and customers on due diligence, maturity assessments, and the development of robust security processes and documentation.
Responsibilities
- Conduct customer and third-party security assessments and questionnaires
- Lead or support mitigation workshops and build actionable remediation plans
- Develop and refine methodologies, processes, and architectural guidelines
- Map technical findings to governance, risk, and control gaps
- Perform NIST CSF 2.0–aligned maturity assessments
- Produce clear reports and executive summaries
- Maintain internal documentation and ensure framework alignment
Qualifications
- 1–2 years in cybersecurity GRC, IT risk, compliance, audit/assurance, or related process-oriented security roles
- Strong understanding of governance, risk management, and operational processes
- Familiarity with cybersecurity frameworks (NIST CSF, ISO 27001 concepts), risk assessment, mitigation planning, and third-party risk management
- Basic conceptual understanding of cloud/SaaS shared responsibility models
- Ability to communicate technical issues in business-aligned language
- Strong writing, communication, and facilitation skills
- Comfortable collaborating with internal stakeholders and external customers
About Us
CYE’s exposure management platform, Hyver, transforms the way security teams protect their organizations. With CRQ at its core, Hyver reveals exposure in financial terms, visualizes attack routes to critical business assets, and creates tailored mitigation plans. Founded in 2012, CYE has served hundreds of organizations globally.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
Key skills/competency
- GRC (Governance, Risk, Compliance)
- Risk Management
- NIST CSF 2.0
- ISO 27001
- Security Assessments
- Mitigation Planning
- Third-Party Risk Management
- Process Design
- Stakeholder Collaboration
- Technical-to-Business Translation
How to Get Hired at CYE
- Research CYE's mission: Study their exposure management platform, Hyver, and CRQ focus for cybersecurity.
- Highlight GRC expertise: Emphasize strong understanding of governance, risk, and compliance frameworks like NIST CSF.
- Showcase communication skills: Demonstrate ability to translate technical findings into clear, business-aligned language for stakeholders.
- Tailor your resume: Customize your application to reflect experience in security assessments and mitigation planning roles.
- Prepare for process-oriented questions: Expect questions on developing methodologies and improving risk management processes effectively.
Frequently Asked Questions
Find answers to common questions about this job opportunity
Explore similar opportunities that match your background