Principal Technical Risk Analyst

📋 Description

• Own the full cyber risk lifecycle: identify, assess, prioritize, mitigate, and report.
• Establish a scalable risk operating model from discovery to monitoring.
• Ensure cadence, ownership, and execution rigor across teams.
• Drive adoption of the risk program across Security, Product, Engineering, and Infrastructure.
• Translate technical issues into clear, business-relevant risk narratives.

🎯 Requirements

• 8–12+ years in Technical Risk, Security GRC, ERM, or related fields.
• Proven experience owning and leading a technical/cyber risk program.
• Cybersecurity domains: cloud, infrastructure, IAM, application security.
• Risk frameworks: NIST CSF, ISO 27001.
• Experience operating in high-growth, cloud environments.
• Experience with GRC tooling such as Optro (AuditBoard), ServiceNow GRC, Workiva.

🎁 Benefits

• Hybrid work model with in-person collaboration.
• Competitive compensation and benefits package.
• Access to AI tools across disciplines.
• Benefits details at https://careers.toasttab.com/toast-benefits