Job Description
Must be located in US
About Quantara AI, Inc.
Quantara is an AI based cyber risk analytics company. Our vision is to build cutting edge
products to empower business executives (BoDs, CXOs and business leaders) to use the power
of AI, ML and data to gain business aligned cyber & enterprise risk insights. By near real-time
and automated risk visibility, we help businesses to understand enterprise, cyber, Third-party,
compliance & regulatory risks, make ROI based decisions and advance business progression with risk treatment strategies.
Job Overview:
We are seeking a highly skilled and motivated Cyber security analyst to join our cyber team
within the product development department. The ideal candidate will be responsible for
establishing data requirements based on leading cyber frameworks (e.g., NIST CSF, MITRE, CIS
Benchmark etc.), develop KRIs and KPIs, develop cyber risk quantification models, and have
experience developing data acquisition mechanisms from different cyber and threat intelligence
systems. This role combines cybersecurity knowledge with experience in data acquisition and
analysis.
Key Responsibilities:
- Experience conducting cyber risk and controls maturity assessments using leading industry
frameworks e.g. NIST CSF, ISO 27000, Hi-Trust, C2M2, NERC, NIST 800-53, CIS Benchmark etc.
- Experience working with multiple cyber domains such as Network Security, End Point Security,
SIEM/XDR, GRC, Cloud Security, IAM, CSPM solutions, Vulnerability Management, Data Security,
Application Security etc.
- Develop mapping between different cyber industry frameworks, develop leading Key Risk
Indicators, Key Performance Indicators and identify data requirements for automated metrics
generation.
- Develop cyber security scorecard and risk quantification models in financial terms using
framework like FAIR.
- Develop and implement advanced analytics models for the correlation of cyber threats and
vulnerabilities based on frameworks such as MITRE, Cyber Kill Chain etc. Develop quantification
model for calculation of cyber risk.
- Develop Data acquisition APIs to collect data from various cyber, organizational, and external
data sources.
- Stay abreast of the latest cybersecurity threats and trends, incorporating this knowledge into
analytics models.
- Identify methods to communicate risk drivers and recommendations to technical and non-
technical stakeholders through clear, concise reports and presentations.
- Assist in the development and maintenance of data pipelines for real-time threat analysis.
- Participate in the evaluation and selection of cybersecurity tools and technologies.
Required Qualifications:
- Bachelor’s or master’s degree in computer science, Information Security, or a related field.
- 5-7 years of experience in cyber security, risk quantification, data analysis and API development
- Experience with cybersecurity frameworks e.g., NIST CSF, ISO 27000, NIST 800-53, MITRE, CIS
Benchmark
- Experience developing cyber security scorecards, cyber KRI and KPI development and
operationalization.
- Familiarity with financial modeling and cyber risk quantification using FAIR.
- Basic programming skills in Python, R, or similar languages, with experience in building
automated data acquisition pipelines using REST API.
- Understanding of cyber threats, attack vectors, and vulnerability management.
- Excellent problem-solving abilities and analytical skills.
- Strong communication skills, both written and verbal, with the ability to convey complex
information to a non-technical audience.
Preferred Qualifications:
- Certifications in data science, cybersecurity (e.g., CISSP, CISM), or both.
- Experience with cloud native analytics services in AWS, Azure or GCP
- Experience in machine learning and AI
Benefits:
- Opportunity to work in a Dynamic and innovative Startup work environment.
- Flexible working hours, remote work options and Stock options.