Forrester Research

Senior Analyst, Cyber Risk Quantification and GRC

Forrester Research$119K — $193K *
Cambridge, MA 02139In-Person
Finance & Insurance
5 - 7 years of experience
Yesterday
Be an Early Applicant
Job Overview by Ladders

Qualifications

  • 5-7 years of experience as a research analyst, consultant, or practitioner in risk management with emphasis on cyber risk quantification.
  • Strong understanding of risk management practices, technologies, and security trends.
  • Exceptional listening, critical thinking, writing, and presentation skills.
  • Ability to synthesize complex information into clear, engaging concepts.
  • Willingness to travel up to 20%.

Responsibilities

  • Develop deep insights into client needs for effective risk management leadership.
  • Conduct primary research on risk management practices and their business impacts.
  • Influence the future of risk management across various business functions.
  • Collaborate with research teams to enhance the knowledge portfolio on risk management.
  • Produce diverse research outputs including reports, webinars, and infographics.
  • Engage in client consultations to apply Forrester's research to real-world challenges.
  • Establish an industry presence as a thought leader and speaker.

Benefits

  • Comprehensive health care and wellness programs.
  • Generous paid time off and holiday policies.
  • Retirement savings and financial planning assistance.
  • Professional development and continuing education opportunities.
  • Flexible work arrangements and remote work options.
Full Job Description
About This Role:

Forrester is currently looking for a Senior Analyst to conduct research and deliver strategic advice for risk management leaders and their teams. The ideal candidate has a strong understanding of risk management roles, responsibilities, and the most important security and risk trends and their business and technology implications; deep knowledge and experience with risk management practices and methods; deep knowledge and expertise in cyber risk quantification; and deep experience in developing, maintaining, and communicating risk management artifacts including risk standards, procedures, appetite, registry, and business strategy. Expertise in compliance management, internal or external audit, and GRC platforms is strongly desired.

The successful candidate researches and uncovers the strategies, technologies, and best practices of risk management that create a resilient and opportunity-seeking business. The Senior Analyst delivers these insights and recommendations in written reports, presentations, inquiries, guidance sessions, and custom advisory for risk leaders across industries and geographies. Our research is aimed at helping enterprise clients solve business problems and improve business results by applying principles and best practices. We also advise vendors on their strategies, roadmaps, and messaging in line with our market insights and our recommendations for enterprise clients.

Job Description:

The Senior Analyst works as part of a high-performing team with a strong emphasis on collaborating with others in all aspects of the job. The Senior Analyst is expected to:
  • Develop a deep understanding of what Forrester clients require to be successful as risk management leaders and professionals with a focus on how they help their organizations develop risk management capabilities that enable a resilient and opportunity-seeking business.
  • Conduct primary research into risk management capabilities, practices, touchpoints, and artifacts in the context of supporting C-suite executives, business leaders, and appropriate committees.
  • Help define the future of risk management, including how risk leaders and professionals can work with other key business functions and support organizational success.
  • Work with different focus areas across Forrester research teams to develop a complete research portfolio on risk management, providing both input to others' research and writing reports incorporating expertise from across Forrester to provide a "big picture" view.
  • Partner as appropriate with other Forrester analysts on broader risk topics: risk quantification, third-party risk, systemic risk, compliance, and cyber risk.
  • Research/write/create approximately six to eight research projects per year - a mix of written reports, tools, webinars, videos, podcasts, infographics, and other intellectual property. Build visibility for their research and contribute to Forrester client communities.
  • Consult with clients to apply Forrester's research in the context of their specific business environment and help solve their problems through inquiry, guidance, and advisory engagements.
  • Establish an industry presence as an influential speaker and thinker; build relationships with journalists who cover the sector; and participate in vendor briefings and field press inquiries as necessary.


Job Requirements:
  • Five to seven years as a research analyst, consultant, or practitioner where you have led or been involved in risk management, with a focus on cyber risk quantification, or an equal amount of time as product manager for vendors that serve the market.
  • A deep intellectual curiosity about the effect of technology on the business landscape; solid business instincts and a practical understanding of what makes companies tick; and a creative view of markets, technologies, and attitudes combined with a fascination with the future.
  • Superior listening, critical thinking, and writing skills as well as compelling presentation skills.
  • The ability to take complex, disparate ideas and distill them into simple, provocative concepts - and be willing to take a stand on vendors and outcomes.
  • The ability to travel up to 20% of the time.


Please note that the base salary range indicated here is inclusive of all applicable US geographies listed in this requisition, with the exception of New York City and Georgia. This salary range is based upon the position as described in the job listing. The offered compensation may vary within this range and is dependent upon the successful candidate's primary work location, experience, training, education, and credentials.

Base salary range: $119,000 - $193,000

Base salary range for Georgia: $106,000 - $174,000

Base salary range for New York City, NY: $136,000 - $222,000

For employees based in Washington State, the percentage listed here is an estimated bonus target as a percentage of base salary, in accordance with the Forrester Employee Bonus plan. Individual and company performance, as well as other eligibility criteria, will determine the actual incentive amount.

Bonus target: 10%

For information on benefits, please visit: https://forresterbenefits.com/

The application deadline is July 31, 2026. Please refer to the job posting on Forrester.com careers page if the deadline has been extended.

#LI-JM1

FLSA Status:
Exempt

Benefits at a Glance

Benefits at a Glance - Cambridge

About Forrester Research

Forrester Research is an independent technology and market research company that provides its clients with advice about technology's impact on business and consumers. Forrester Research provides proprietary research, consumer and business data, custom consulting, events, online communities, and peer-to-peer executive programs. The company's research is divided into three areas: business technology, consumer technology, and marketing and strategy. Forrester Research's clients include global enterprises, technology vendors, and management consulting firms. The company was founded in 1983 and is headquartered in Cambridge, Massachusetts.
Learn more about Forrester Research
Size
1,781 employees
Market Cap
$656.6 million
Industry
Business Services
Net Income
$9.9 million
5 Year Trend
+8.7%
Revenue
$448.9 million
NASDAQ
FORR
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at Forrester Research

More Finance & Insurance Jobs

Find similar Senior Analyst, Cyber Risk Quantification and GRC jobs:

NationwideCambridge, MA