Risk Analyst
Congregate Technologies
13 LPA
Location: Hyderabad
Posted: January 22, 2026
Posted By: System Administrator
Job Description
Job Details
We are seeking a highly skilled and detail-oriented Risk Analyst to support and advance Congregate's Cybersecurity and Enterprise Risk Management programs. This is an individual contributor role responsible for identifying, analyzing, prioritizing, and clearly communicating cyber risk across the organization in a consistent, repeatable, and decision-oriented manner.
In this role, you will work across multiple cybersecurity and governance workstreams, maintaining the cyber risk register, supporting qualitative and quantitative risk assessments, and ensuring that risk treatment plans are well-defined, tracked, and aligned to business priorities. You will partner closely with Security, Compliance, Internal Audit, and business stakeholders to ensure risks are accurately represented, properly governed, and supported by audit-ready evidence.
The Risk Analyst operates with a high degree of accountability and ownership, managing risk data, metrics, and reporting that inform leadership decision-making. You will be responsible for translating complex technical and regulatory risk into clear, actionable insights for executive audiences, including risk committees and senior leadership. While this role does not include people management, it carries meaningful enterprise impact through influence, rigor, and the quality of analysis delivered.
Success Profile:
This role is anchored in our company’s core competencies—These competencies reflect the mindsets and behaviors that define success in this role. We outline how each competency translates into real-world actions and outcomes specific to this role.
Ownership
Owns the accuracy, completeness, and ongoing maintenance of the cyber risk register, ensuring risks are clearly articulated, prioritized, and kept current.
Takes accountability for tracking risk treatment plans, monitoring mitigation progress, and following up with risk owners to drive timely resolution.
Serves as a trusted point of contact for cyber risk analysis, responding to questions from Security, Compliance, Internal Audit, and business stakeholders with sound judgment.
Handles sensitive risk, regulatory, and audit-related information with integrity, discretion, and strong ethical standards.
Drives Efficiency
Establishes structured, repeatable processes for risk identification, assessment, documentation, and reporting to reduce manual effort and variability.
Maintains and improves risk workflows, governance artifacts, and evidence collection to support audit-ready outcomes across SOC 2, PCI, and other frameworks.
Coordinates third-party and vendor risk activities efficiently, aligning reviews with procurement and minimizing friction for internal teams.
Leverages automation and AI-enabled capabilities within GRC tooling to streamline risk data collection, trend analysis, and reporting cycles.
Results Driven
Performs qualitative and quantitative risk assessments aligned to frameworks such as NIST CSF and FAIR/SAFE to surface the most impactful risks.
Defines, tracks, and trends key risk indicators (KRIs), ensuring leadership has clear visibility into current and emerging risk exposure.
Produces concise, decision-oriented reporting for executives, risk committees, and the board, highlighting risk levels, treatment progress, and changes over time.
Ensures risk insights translate into actionable outcomes by aligning findings with remediation plans and business priorities.
Innovative
Evolves risk analysis and reporting practices by incorporating new methodologies, data sources, and analytical techniques.
Improves how cyber risk is communicated by translating technical and regulatory detail into clear, business-relevant insights.
Identifies opportunities to enhance risk governance, measurement, and visualization as the organization’s security and compliance maturity grows.
Requirements
Bachelor’s degree in Information Security, Risk Management, Business Analytics, or a related field preferred.
3–5 years of experience in cyber risk, governance, compliance, or related security functions.
Working knowledge of cyber risk frameworks and methodologies such as NIST CSF, ISO 27005, and FAIR or SAFE risk quantification.
Experience maintaining risk registers, tracking mitigation plans, and supporting risk governance processes.
Familiarity with regulatory and assurance frameworks such as SOC 2 and PCI, including evidence collection and audit support.
Hands-on experience with GRC platforms (e.g., Drata, Safebase) and strong analytical skills using tools such as Excel or basic SQL.
Ability to translate technical and regulatory risk into clear, actionable insights for security leadership and executive stakeholders.
Strong judgment and decision-making skills, with the ability to evaluate trade-offs between risk, cost, and business impact.
Demonstrated ability to handle sensitive and confidential information with integrity and professionalism.
Excellent written and verbal communication skills, with the ability to operate effectively across teams and functions.
Proven ability to manage multiple priorities, work independently, and deliver results in a fast-paced, evolving environment.
We are seeking a highly skilled and detail-oriented Risk Analyst to support and advance Congregate's Cybersecurity and Enterprise Risk Management programs. This is an individual contributor role responsible for identifying, analyzing, prioritizing, and clearly communicating cyber risk across the organization in a consistent, repeatable, and decision-oriented manner.
In this role, you will work across multiple cybersecurity and governance workstreams, maintaining the cyber risk register, supporting qualitative and quantitative risk assessments, and ensuring that risk treatment plans are well-defined, tracked, and aligned to business priorities. You will partner closely with Security, Compliance, Internal Audit, and business stakeholders to ensure risks are accurately represented, properly governed, and supported by audit-ready evidence.
The Risk Analyst operates with a high degree of accountability and ownership, managing risk data, metrics, and reporting that inform leadership decision-making. You will be responsible for translating complex technical and regulatory risk into clear, actionable insights for executive audiences, including risk committees and senior leadership. While this role does not include people management, it carries meaningful enterprise impact through influence, rigor, and the quality of analysis delivered.
Success Profile:
This role is anchored in our company’s core competencies—These competencies reflect the mindsets and behaviors that define success in this role. We outline how each competency translates into real-world actions and outcomes specific to this role.
Ownership
Owns the accuracy, completeness, and ongoing maintenance of the cyber risk register, ensuring risks are clearly articulated, prioritized, and kept current.
Takes accountability for tracking risk treatment plans, monitoring mitigation progress, and following up with risk owners to drive timely resolution.
Serves as a trusted point of contact for cyber risk analysis, responding to questions from Security, Compliance, Internal Audit, and business stakeholders with sound judgment.
Handles sensitive risk, regulatory, and audit-related information with integrity, discretion, and strong ethical standards.
Drives Efficiency
Establishes structured, repeatable processes for risk identification, assessment, documentation, and reporting to reduce manual effort and variability.
Maintains and improves risk workflows, governance artifacts, and evidence collection to support audit-ready outcomes across SOC 2, PCI, and other frameworks.
Coordinates third-party and vendor risk activities efficiently, aligning reviews with procurement and minimizing friction for internal teams.
Leverages automation and AI-enabled capabilities within GRC tooling to streamline risk data collection, trend analysis, and reporting cycles.
Results Driven
Performs qualitative and quantitative risk assessments aligned to frameworks such as NIST CSF and FAIR/SAFE to surface the most impactful risks.
Defines, tracks, and trends key risk indicators (KRIs), ensuring leadership has clear visibility into current and emerging risk exposure.
Produces concise, decision-oriented reporting for executives, risk committees, and the board, highlighting risk levels, treatment progress, and changes over time.
Ensures risk insights translate into actionable outcomes by aligning findings with remediation plans and business priorities.
Innovative
Evolves risk analysis and reporting practices by incorporating new methodologies, data sources, and analytical techniques.
Improves how cyber risk is communicated by translating technical and regulatory detail into clear, business-relevant insights.
Identifies opportunities to enhance risk governance, measurement, and visualization as the organization’s security and compliance maturity grows.
Requirements
Bachelor’s degree in Information Security, Risk Management, Business Analytics, or a related field preferred.
3–5 years of experience in cyber risk, governance, compliance, or related security functions.
Working knowledge of cyber risk frameworks and methodologies such as NIST CSF, ISO 27005, and FAIR or SAFE risk quantification.
Experience maintaining risk registers, tracking mitigation plans, and supporting risk governance processes.
Familiarity with regulatory and assurance frameworks such as SOC 2 and PCI, including evidence collection and audit support.
Hands-on experience with GRC platforms (e.g., Drata, Safebase) and strong analytical skills using tools such as Excel or basic SQL.
Ability to translate technical and regulatory risk into clear, actionable insights for security leadership and executive stakeholders.
Strong judgment and decision-making skills, with the ability to evaluate trade-offs between risk, cost, and business impact.
Demonstrated ability to handle sensitive and confidential information with integrity and professionalism.
Excellent written and verbal communication skills, with the ability to operate effectively across teams and functions.
Proven ability to manage multiple priorities, work independently, and deliver results in a fast-paced, evolving environment.
Application Stats
Total Applications: 0
Posted: Jan 22, 2026