Home › Companies › Hdep Fa Us2 Oraclecloud Com CX › Senior Analyst, Cyber Risk & Compliance (f/m/d)
Senior Analyst, Cyber Risk & Compliance (f/m/d)
Hdep Fa Us2 Oraclecloud Com CX · Germany; DE-Frankfurt-FRA0, Frankfurt am Main, Hessen, DE · On Site · Active · Oracle Recruiting Cloud / Fusion HCM
Job facts
| Field | Value |
|---|---|
| Company | Hdep Fa Us2 Oraclecloud Com CX |
| Title | Senior Analyst, Cyber Risk & Compliance (f/m/d) |
| Normalized title | - |
| Department / team | Information Security |
| Location | Hessen, DE, United States |
| Work model | On Site |
| Employment type | Full Time |
| Salary | - |
| Status | active |
| ATS provider | Oracle Recruiting Cloud / Fusion HCM |
| Posted / first seen | 2026-06-22 / 2026-06-23 |
| Changed / last seen | 2026-06-23 / 2026-06-23 |
Related slices
| Page | What it contains | Open |
|---|---|---|
| Company jobs | Active postings from Hdep Fa Us2 Oraclecloud Com CX. | Open |
| Company breakdowns | Role, location, ATS, and work model facets for this company. | Open |
| ATS provider jobs | Active postings observed through Oracle Recruiting Cloud / Fusion HCM. | Open |
| Provider filtered search | The same provider as a filtered job collection. | Open |
| City jobs | Active postings in Hessen. | Open |
| Department jobs | Active postings in Information Security. | Open |
| Work model jobs | Active On Site postings. | Open |
| Lifecycle events | Open, update, close, and reopen events for this posting. | Open |
| Original posting | Canonical source or apply URL captured from the ATS. | Open |
Linked records
| Company | Hdep Fa Us2 Oraclecloud Com CX |
| Source | 15b5a3ae-7438-40e5-8519-bed5461b01bc |
| ATS provider | Oracle Recruiting Cloud / Fusion HCM |
Description
Description
We are seeking a Senior Analyst, Cyber Risk & Compliance (f/m/d) in Frankfurt is responsible for executing core cyber & IT risk management activities that support the organization’s overall security, compliance, and resilience objectives. This role is primarily focused on performing cyber and IT security risk assessments, evaluating the design and effectiveness of security controls, maintaining the enterprise cyber risk register, and producing risk posture reporting for leadership and key stakeholders.
The ideal candidate is a strong execution-oriented practitioner with hands-on experience in risk identification, control assessment, risk analysis, GRC platform administration/use, and reporting, along with a solid understanding of the NIST Cybersecurity Framework (CSF) and NIST Risk Management Framework (RMF).
Your role
Conduct cybersecurity and IT risk assessments across systems, applications, infrastructure, business processes, and third parties, as applicable. Use ServiceNow IRM or similar GRC tools to manage risk workflows, control records, issues, exceptions, and reporting. Perform control assessments to evaluate control design, implementation, and operating effectiveness. Identify and document threats, vulnerabilities, control gaps, business impacts, and residual risks. Maintain the cyber risk register, including risk scoring, ownership, treatment plans, and remediation status. Track and follow up on risk remediation and corrective action plans with control owners and stakeholders. Prepare risk posture dashboards, reports, KRIs, and summaries for leadership and governance forums. Support alignment with applicable regulatory and framework requirements, including NIST, NIS2, DORA, ISO 27001/27005, and PCI DSS. Partner with cybersecurity, IT, compliance, audit, legal, and business teams to gather evidence, validate findings, and support remediation efforts. Contribute to audit, compliance, and regulatory readiness activities by maintaining clear and accurate risk and control documentation. Analyze risk trends and recurring control issues to support continuous improvement of the risk management program. Assist in strengthening and standardizing risk assessment methodologies, templates, and reporting processes.
Qualifications
4-7+ years of experience in cybersecurity, IT risk, information security, audit, or compliance. Hands-on experience with risk assessments, control assessments, risk registers, and risk/reporting processes. Strong knowledge of NIST CSF and NIST RMF, with familiarity in NIS2, DORA, ISO 27001/27005, PCI DSS, and related frameworks. Hands-on experience with ServiceNow IRM / GRC platforms is a must. Strong analytical, documentation, communication, and stakeholder management skills. Ability to translate technical findings into clear business risk language. Bachelor’s degree in a related field; certifications such as CRISC, CISA, CISSP, or CISM are preferred. Fluent English language knowledge performance.
Full job record
| Job ID | 5559f4ce5b86c9f8486238de610f60b89046c970 |
| Org ID | 38f0dc64-605e-45d8-b67a-e3338355cd6e |
| Source ID | 15b5a3ae-7438-40e5-8519-bed5461b01bc |
| Board ID | 15b5a3ae-7438-40e5-8519-bed5461b01bc |
| Provider | oracle_hcm |
| Provider Job Key | 8097 |
| Title | Senior Analyst, Cyber Risk & Compliance (f/m/d) |
| Normalized Title | — |
| Status | active |
| Active | yes |
| Location Text | Germany; DE-Frankfurt-FRA0, Frankfurt am Main, Hessen, DE |
| Department | Information Security |
| Team | — |
| Employment Type | full_time |
| Workplace Type | on_site |
| Remote Policy | — |
| Country | United States |
| Region | DE |
| City | Hessen |
| Salary Raw | Description We are seeking a Senior Analyst, Cyber Risk & Compliance (f/m/d) in Frankfurt is responsible for executing core cyber & IT risk management activities that support the organization’s overall security, compliance, and resilience objectives. This role is primarily focused on performing cyber and IT security risk assessments, evaluating the design and effectiveness of security controls, maintaining the enterprise cyber risk register, and producing risk posture reporting for leadership and key stakeholders. The ideal candidate is a strong execution-oriented practitioner with hands-on experience in risk identification, control assessment, risk analysis, GRC platform administration/use, and reporting, along with a solid understanding of the NIST Cybersecurity Framework (CSF) and NIST Risk Management Framework (RMF). Your role Conduct cybersecurity and IT risk assessments across systems, applications, infrastructure, business processes, and third parties, as applicable. Use ServiceNow IRM or similar GRC tools to manage risk workflows, control records, issues, exceptions, and reporting. Perform control assessments to evaluate control design, implementation, and operating effectiveness. Identify and document threats, vulnerabilities, control gaps, business impacts, and residual risks. Maintain the cyber risk register, including risk scoring, ownership, treatment plans, and remediation status. Track and follow up on risk remediation and corrective action plans with control owners and stakeholders. Prepare risk posture dashboards, reports, KRIs, and summaries for leadership and governance forums. Support alignment with applicable regulatory and framework requirements, including NIST, NIS2, DORA, ISO 27001/27005, and PCI DSS. Partner with cybersecurity, IT, compliance, audit, legal, and business teams to gather evidence, validate findings, and support remediation efforts. Contribute to audit, compliance, and regulatory readiness activities by maintaining clear and accurate risk and control documentation. Analyze risk trends and recurring control issues to support continuous improvement of the risk management program. Assist in strengthening and standardizing risk assessment methodologies, templates, and reporting processes. Qualifications 4-7+ years of experience in cybersecurity, IT risk, information security, audit, or compliance. Hands-on experience with risk assessments, control assessments, risk registers, and risk/reporting processes. Strong knowledge of NIST CSF and NIST RMF, with familiarity in NIS2, DORA, ISO 27001/27005, PCI DSS, and related frameworks. Hands-on experience with ServiceNow IRM / GRC platforms is a must. Strong analytical, documentation, communication, and stakeholder management skills. Ability to translate technical findings into clear business risk language. Bachelor’s degree in a related field; certifications such as CRISC, CISA, CISSP, or CISM are preferred. Fluent English language knowledge performance. |
| Salary Min | — |
| Salary Max | — |
| Salary Currency | — |
| Salary Period | — |
| Source URL | https://hdep.fa.us2.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX/job/8097 |
| Apply URL | https://hdep.fa.us2.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX/job/8097 |
| First Seen At | 2026-06-23 11:23:46Z |
| Last Seen At | 2026-06-23 11:23:46Z |
| Last Checked At | 2026-06-23 11:23:46Z |
| Last Changed At | 2026-06-23 11:23:46Z |
| Inactive At | — |
| Source Posted At | 2026-06-22 00:00:00Z |
| Source Updated At | — |
| Raw Payload Uri | s3://job-postings-prod-raw-590183727216/raw/provider=oracle_hcm/board=hdep.fa.us2.oraclecloud.com|CX/date=2026-06-23/2026-06-23T11-23-31-286Z-4be0d8a7dbe5c605ff66e9b5201828a0558644149a3e478e9731bca3c0163cf8.json |
Event Fields
{
"content_hash": "365f204645048a739cefd089d9029bf913527ea28e9a9a7a4947f8003aa8d216",
"source_hash": "b96b11bd466e0208ab9541c98fa89b5f161207b923ce3de22d7b41aff52c7d77",
"last_changed_at": "2026-06-23T11:23:46.992Z",
"active_status": "active"
}Parsed Structured
{
"dedupe": null,
"language": "en",
"location": {
"raw": "DE-Frankfurt-FRA0, Frankfurt am Main, Hessen, DE",
"city": "Hessen",
"region": "DE",
"country": "United States",
"is_remote": false,
"confidence": 0.9
},
"salary_max": null,
"salary_min": null,
"inferred_at": "2026-06-23T11:23:46.756Z",
"launch_scope": {
"reason": "english_us_canada",
"included": true,
"language": "en",
"location": {
"raw": "DE-Frankfurt-FRA0, Frankfurt am Main, Hessen, DE",
"city": "Hessen",
"region": "DE",
"country": "United States",
"is_remote": false,
"confidence": 0.9
},
"countries": [
"United States"
]
},
"remote_policy": null,
"salary_period": null,
"workplace_type": "on_site",
"salary_currency": null
}Extensions
{}Native Structured
{
"detail": {
"Id": "8097",
"Title": "Senior Analyst, Cyber Risk & Compliance (f/m/d)",
"media": [],
"skills": [],
"JobType": null,
"Category": "Information Security",
"JobGrade": null,
"JobLevel": null,
"JobShift": null,
"WorkDays": null,
"WorkHours": null,
"WorkYears": null,
"Department": null,
"HotJobFlag": false,
"StudyLevel": null,
"WorkMonths": null,
"WorkerType": null,
"GeographyId": 300000000361340,
"JobFamilyId": 300000131431925,
"JobFunction": "Cyber Resilience",
"JobSchedule": "Full time",
"BusinessUnit": null,
"ContractType": null,
"Organization": null,
"TrendingFlag": false,
"workLocation": [
{
"Country": "DE",
"Region1": null,
"Region2": "Hessen",
"Region3": null,
"Building": null,
"Latitude": "50.11884",
"Longitude": "8.73473",
"LocationId": 300000387183210,
"PostalCode": "60314",
"TownOrCity": "Frankfurt am Main",
"AddressLine1": "Hanauer Landstrasse",
"AddressLine2": "298",
"AddressLine3": null,
"AddressLine4": null,
"LocationName": "DE-Frankfurt-FRA0"
}
],
"ContentLocale": "en",
"HiringManager": null,
"LegalEmployer": null,
"RequisitionId": 300001986647602,
"WorkplaceType": "On-site",
"BusinessUnitId": 300000005792959,
"OrganizationId": 300000378991046,
"GeographyNodeId": 100010822288327,
"JobFunctionCode": "CYBER_RESILIENCE",
"LegalEmployerId": 300000001402024,
"PrimaryLocation": "Germany",
"RequisitionType": "EMEA - Employee",
"NumberOfOpenings": null,
"WorkplaceTypeCode": "ORA_ON_SITE",
"BeFirstToApplyFlag": true,
"otherWorkLocations": [],
"secondaryLocations": [],
"ExternalContactName": null,
"ShortDescriptionStr": "",
"ExternalContactEmail": null,
"ExternalPostedEndDate": null,
"OtherRequisitionTitle": null,
"requisitionFlexFields": [],
"ApplyWhenNotPostedFlag": true,
"DomesticTravelRequired": null,
"ExternalDescriptionStr": "<p><span lang=\"EN-US\">We are seeking a <strong>Senior Analyst, Cyber Risk & Compliance (f/m/d)</strong> in Frankfurt is responsible for executing core cyber & IT risk management activities that support the organization’s overall security, compliance, and resilience objectives. This role is primarily focused on performing cyber and IT security risk assessments, evaluating the design and effectiveness of security controls, maintaining the enterprise cyber risk register, and producing risk posture reporting for leadership and key stakeholders. </span></p><p><span lang=\"EN-US\">The ideal candidate is a strong execution-oriented practitioner with hands-on experience in risk identification, control assessment, risk analysis, GRC platform administration/use, and reporting, along with a solid understanding of the NIST Cybersecurity Framework (CSF) and NIST Risk Management Framework (RMF). </span></p><p> </p><p><span lang=\"EN-US\"><strong>Your role</strong></span></p><ul style=\"list-style-type: disc;\"><li><span lang=\"EN-US\">Conduct cybersecurity and IT risk assessments across systems, applications, infrastructure, business processes, and third parties, as applicable. </span></li><li><span lang=\"EN-US\">Use ServiceNow IRM or similar GRC tools to manage risk workflows, control records, issues, exceptions, and reporting. </span></li><li><span lang=\"EN-US\">Perform control assessments to evaluate control design, implementation, and operating effectiveness. </span></li><li><span lang=\"EN-US\">Identify and document threats, vulnerabilities, control gaps, business impacts, and residual risks. </span></li><li><span lang=\"EN-US\">Maintain the cyber risk register, including risk scoring, ownership, treatment plans, and remediation status. </span></li><li><span lang=\"EN-US\">Track and follow up on risk remediation and corrective action plans with control owners and stakeholders. </span></li><li><span lang=\"EN-US\">Prepare risk posture dashboards, reports, KRIs, and summaries for leadership and governance forums. </span></li><li><span lang=\"EN-US\">Support alignment with applicable regulatory and framework requirements, including NIST, NIS2, DORA, ISO 27001/27005, and PCI DSS. </span></li><li><span lang=\"EN-US\">Partner with cybersecurity, IT, compliance, audit, legal, and business teams to gather evidence, validate findings, and support remediation efforts.</span></li><li><span lang=\"EN-US\">Contribute to audit, compliance, and regulatory readiness activities by maintaining clear and accurate risk and control documentation. </span></li><li><span lang=\"EN-US\">Analyze risk trends and recurring control issues to support continuous improvement of the risk management program. </span></li><li><span lang=\"EN-US\">Assist in strengthening and standardizing risk assessment methodologies, templates, and reporting processes. </span></li></ul><p><span lang=\"EN-US\"> </span></p><p><span lang=\"EN-US\"><strong>Qualifications</strong></span><span> </span></p><ul style=\"list-style-type: disc;\"><li><span lang=\"EN-US\">4-7+ years of experience in cybersecurity, IT risk, information security, audit, or compliance. </span></li><li><span lang=\"EN-US\">Hands-on experience with risk assessments, control assessments, risk registers, and risk/reporting processes. </span></li><li><span lang=\"EN-US\">Strong knowledge of NIST CSF and NIST RMF, with familiarity in NIS2, DORA, ISO 27001/27005, PCI DSS, and related frameworks. </span></li><li><span lang=\"EN-US\">Hands-on experience with ServiceNow IRM / GRC platforms is a must. </span></li><li><span lang=\"EN-US\">Strong analytical, documentation, communication, and stakeholder management skills. </span></li><li><span lang=\"EN-US\">Ability to translate technical findings into clear business risk language. </span></li><li><span lang=\"EN-US\">Bachelor’s degree in a related field; certifications such as CRISC, CISA, CISSP, or CISM are preferred. </span></li><li><span lang=\"EN-US\">Fluent English language knowledge</span> performance.</li></ul>",
"ObjectVerNumberProfile": null,
"PrimaryLocationCountry": "DE",
"CorporateDescriptionStr": "",
"ExternalPostedStartDate": null,
"ExternalQualificationsStr": "",
"InternalQualificationsStr": "",
"OrganizationDescriptionStr": "",
"primaryLocationCoordinates": [
{
"Latitude": "50.51707",
"Longitude": "10.20266",
"CountryCode": "DE",
"GeographyId": 300000000361340,
"GeographyNodeId": 100010822288327
}
],
"ExternalResponsibilitiesStr": "",
"InternalResponsibilitiesStr": "",
"InternationalTravelRequired": null
},
"list_job": {
"Id": "8097",
"Title": "Senior Analyst, Cyber Risk & Compliance (f/m/d)",
"JobType": null,
"Distance": 1782086400000,
"JobShift": null,
"Language": "US",
"WorkDays": null,
"JobFamily": null,
"Relevancy": 9,
"WorkHours": null,
"Department": null,
"HotJobFlag": false,
"PostedDate": "2026-06-22",
"StudyLevel": null,
"WorkerType": null,
"GeographyId": 300000000361340,
"JobFunction": null,
"JobSchedule": null,
"BusinessUnit": null,
"ContractType": null,
"ManagerLevel": null,
"Organization": null,
"TrendingFlag": false,
"workLocation": [
{
"Country": "DE",
"Region1": null,
"Region2": "Hessen",
"Region3": null,
"Building": null,
"Latitude": 50.11884,
"Longitude": 8.73473,
"LocationId": 300000387183210,
"PostalCode": "60314",
"TownOrCity": "Frankfurt am Main",
"AddressLine1": "Hanauer Landstrasse",
"AddressLine2": "298",
"AddressLine3": null,
"AddressLine4": null,
"LocationName": "DE-Frankfurt-FRA0"
}
],
"LegalEmployer": null,
"MediaThumbURL": null,
"WorkplaceType": "On-site",
"BusinessUnitId": 300000005792959,
"OrganizationId": 300000378991046,
"PostingEndDate": null,
"LegalEmployerId": 300000001402024,
"PrimaryLocation": "Germany",
"WorkDurationYears": null,
"WorkplaceTypeCode": "ORA_ON_SITE",
"BeFirstToApplyFlag": true,
"WorkDurationMonths": null,
"otherWorkLocations": [],
"secondaryLocations": [],
"ShortDescriptionStr": "",
"requisitionFlexFields": [],
"DomesticTravelRequired": null,
"PrimaryLocationCountry": "DE",
"ExternalQualificationsStr": null,
"ExternalResponsibilitiesStr": null,
"InternationalTravelRequired": null
},
"detail_meta": {
"url": "https://hdep.fa.us2.oraclecloud.com/hcmRestApi/resources/latest/recruitingCEJobRequisitionDetails?expand=all&onlyData=true&finder=ById;Id=%228097%22,siteNumber=CX",
"http_status": 200,
"content_type": "application/json",
"response_bytes": 7257
},
"detail_errors": []
}Get this page with API
Rendered from the bluedoor Job Postings API. Reproduce it:
GET https://api.bluedoor.sh/job-postings/v1/jobs/5559f4ce5b86c9f8486238de610f60b89046c970?include=descriptionJSONGET https://api.bluedoor.sh/job-postings/v1/orgs/38f0dc64-605e-45d8-b67a-e3338355cd6eJSONGET https://api.bluedoor.sh/job-postings/v1/sources/15b5a3ae-7438-40e5-8519-bed5461b01bcJSONGET https://api.bluedoor.sh/job-postings/v1/jobs/5559f4ce5b86c9f8486238de610f60b89046c970/eventsJSON