Cyber Risk Analyst

POSITION SUMMARY

Zoetis, Inc. is the world's largest producer of medicine and vaccinations for pets and livestock. The Zoetis Tech & Digital (ZTD) Global Technology Risk Management (TRM) Organization is responsible for protecting Zoetis' information resources. Within TRM, the global Identity, Directory & Access Management (IDAM) organization ensures that the right people have the right access to the right information.

The Cyber Risk Analyst is responsible for overseeing the organization's vulnerability management program, focusing on IT infrastructure, endpoints, networks, and cloud environments. This role ensures proactive identification, analysis, prioritization, and remediation of technical vulnerabilities while embedding risk management practices to minimize security threats and support compliance objectives. Additionally, the Cyber Risk Analyst will help track enterprise security risk by monitoring risk metrics, maintaining risk registers, and providing regular updates to leadership, enabling informed decision-making and a holistic understanding of the organization's security posture.

POSITION RESPONSIBILITIES

• Own the enterprise cybersecurity risk register, taxonomy, and exception workflows with clear escalation thresholds.

• Define and track KRIs/KPIs (e.g., residual risk, SLA compliance, control effectiveness); deliver executive dashboards and briefings.

• Ensure asset and telemetry data quality and coverage; standardize with a Common Information Model (CIM).

• Drive prioritized remediation roadmaps; enforce SLAs with automated reminders and escalations; verify fixes via retest.

• Integrate post-incident lessons into the risk register and backlog; validate controls through purple-team exercises.

• Include third‑party/vendor and application security findings for a holistic enterprise risk view.

• Map risks to policies and regulatory frameworks (NIST, ISO 27001, PCI-DSS, HIPAA); support audits and evidence collection.

• Continuously improve VM processes, tooling, and control designs; measure the efficacy of controls and exceptions.

• Be hands-on: query/validate data, build metrics/dashboards, and translate technical issues into clear risk treatment plans.

• Engage stakeholders to drive decisions and timelines; tie outcomes to OKRs focused on risk reduction and faster decision cycles.

EDUCATION AND EXPERIENCE

Education:

• Bachelor's degree in computer sciences, Information Security, Information Systems, Engineering, Sciences or relevant professional ex

  About Zoetis
  
  At Zoetis, our purpose is to nurture the world and humankind by advancing care for animals. As a Fortune 500 company and the world leader in animal health, we discover, develop, manufacture and commercialize vaccines, medicines, diagnostics and other technologies for companion animals and livestock. We know our people drive our success. Our award-winning culture, built around our Core Beliefs, focuses on our colleagues' careers, connection and support. We offer competitive healthcare and retirement savings benefits, along with an array of benefits, policies and programs to support employee well-being in every sense, from health and financial wellness to family and lifestyle resources.

  Notice: Zoetis Recruiters will contact candidates via email from an address ending in @zoetis.com and may also initially connect with candidates through LinkedIn, including LinkedIn InMail. Zoetis does not use Gmail, Outlook, Yahoo, or other web-based/generic email domains to communicate about job opportunities, interviews, or offers of employment. If you receive a recruitment-related email message claiming to be from Zoetis that does not come from @zoetis.com, please treat it as suspicious. For your security, do not reply, click links, open attachments, share personal or financial information, or send money in response to unexpected or questionable recruitment communications.

  Global Job Applicant Privacy Notice