Junior Cybersecurity Architect (GRC & Risk)

CYE is seeking a Junior Cybersecurity Architect (GRC & Risk) to support governance, risk analysis, and security process design. The role focuses on translating security findings into structured mitigation plans and improving methodologies and frameworks—without hands‑on technical configuration.
You will work with CISOs, security leaders, engineering teams, and customers on due diligence, maturity assessments, and development of security processes and documentation.
Responsibilities
Conduct customer and third‑party security assessments and questionnaires.
Lead or support mitigation workshops and build actionable remediation plans.
Develop and refine methodologies, processes, and architectural guidelines.
Map technical findings to governance, risk, and control gaps.
Perform NIST CSF 2.0–aligned maturity assessments.
Produce clear reports and executive summaries.
Maintain internal documentation and ensure framework alignment.
Qualifications
1–2 years in cybersecurity GRC, IT risk, compliance, audit/assurance, or related process‑oriented security roles.
Strong understanding of governance, risk management, and operational processes.
Familiarity with cybersecurity frameworks (NIST CSF, ISO 27001 concepts), risk assessment, mitigation planning, and third‑party risk management.
Basic conceptual understanding of cloud/SaaS shared responsibility models.
Ability to communicate technical issues in business‑aligned language.
Strong writing, communication, and facilitation skills.
Comfortable collaborating with internal stakeholders and external customers.
About us
CYE’s exposure management platform, Hyver, transforms the way security teams protect their organizations. With CRQ at its core, Hyver reveals exposure in financial terms, visualizes attack routes to critical business assets, and creates tailored mitigation plans. Founded in 2012, CYE has served hundreds of organizations globally.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.