Security Risk Analyst
full-time•Hyderabad
About this role
Role Summary
We are looking for a Security Risk Analyst with 2 years of experience to help identify, assess, and manage information security risks across our organization.
In this role, he/she will work closely with IT, security, and business teams to evaluate threats, review controls, and support risk‑based decision‑making that keeps our systems, data, and customers safe.
Key Responsibilities
Conduct security risk assessments on applications, infrastructure, vendors, and business processes.
Identify threats, vulnerabilities, and control gaps, and document associated risks and impacts.
Contribute to risk registers, ensuring risks are clearly described, rated, and tracked.
Review and evaluate the effectiveness of existing security controls and recommend improvements.
Support compliance efforts with relevant standards/regulations (e.g., ISO 27001, NIST, SOC 2, PCI-DSS, GDPR, etc. as applicable).
Support the development, review, and maintenance of security policies, standards, and procedures.
Document risk assessment results, remediation plans, and status updates in a structured, clear way.
Maintain up-to-date security and risk documentation (e.g., risk registers, asset inventories, vendor assessments).
Prepare reports, dashboards, and presentations summarizing security risks and remediation status.
Communicate risk findings and recommendations in business-friendly language.
Work with business owners to define risk treatment plans and timelines.
Required Qualifications & Experience
Bachelor’s degree in information security, Computer Science, IT, Risk Management, or a related field (or equivalent practical experience).
2 years of experience in information security, IT risk management, vendor management, or cybersecurity roles.
Strong Understanding of OWASP Top 10
Awareness of ISO 27001 controls and NIST Cybersecurity Framework
Experience performing risk assessments, security reviews, or internal/external audits.
Familiarity with risk management concepts (likelihood/impact, inherent vs. residual risk, risk appetite).
Soft Skills
Ability to analyse technical information, identify risks, and propose practical mitigations.
Clear written and verbal communication with both technical and non‑technical stakeholders.
Comfortable working with cross‑functional teams (IT, Security, Legal, Compliance, Business).
Able to manage multiple tasks, assessments, and deadlines simultaneously.
Proactive mindset: able to suggest realistic, risk-based solutions rather than just identifying issues.
Preferred Qualifications
CEH, CompTIA Security+, ECSA, or EC-Council cybersecurity certification.
ISO 27001 Internal Auditor
Experience with:
GRC or risk management tools (e.g., Archer, ServiceNow GRC, One Trust, etc.)
Cloud environments (AWS, Azure, GCP) and their security concepts.
Working in regulated or high‑compliance environments (e.g., finance, healthcare, SaaS).
\nWhat you'll do
- The Security Risk Analyst will conduct security risk assessments and identify threats and vulnerabilities across the organization. They will also support compliance efforts and document risk assessment results.
About UltraViolet Cyber
UltraViolet Cyber is a leading tech-enabled managed security services provider, delivering unparalleled cybersecurity expertise that fills technology and talent gaps across Global 2000 and Federal Government customers. Founded and operated by security practitioners from the national intelligence community, UltraViolet Cyber connects offensive security, application security, detection and response, and security engineering to deliver a differentiated approach to cybersecurity operations. Transforming customers’ security programs, UltraViolet Cyber’s flagship security-as-a-service solution, UV Lens, removes complex operational silos, replacing them with integrated security capabilities. UltraViolet is headquartered in McLean, Virginia with technology centers across the world. Learn more at www.uvcyber.com.
Ready to join UltraViolet Cyber?
Take the next step in your career journey
Frequently Asked Questions
What does a Security Risk Analyst do at UltraViolet Cyber?
As a Security Risk Analyst at UltraViolet Cyber, you will: the Security Risk Analyst will conduct security risk assessments and identify threats and vulnerabilities across the organization. They will also support compliance efforts and document risk assessment results..
Is the Security Risk Analyst position at UltraViolet Cyber remote?
The Security Risk Analyst position at UltraViolet Cyber is based in Hyderabad, India. Contact the company through Clera for specific work arrangement details.
How do I apply for the Security Risk Analyst position at UltraViolet Cyber?
You can apply for the Security Risk Analyst position at UltraViolet Cyberdirectly through Clera. Click the "Apply Now" button above to start your application. Clera's AI-powered platform will help match your profile with this opportunity and guide you through the application process.