Cyber Security Governance Analyst - Sr - Dynamic Team

Job Summary

This position will report to the Governance Director and be responsible for supporting the Information Technology and Cyber Security organizations in matters related to audit, compliance, and the remediation of risk.

This role requires the individual to work directly with Internal Audit, Segment Risk, Information Technology and Cyber Security teams, and drive tasks to completion on agreed schedules.

The candidate must possess strong written and verbal communication skills, self-motivation, drive, well-organized, and exceptional attention to detail.

Job Description

• Collaborate with risk and audit teams, and subject matter experts to drive the risk evaluation and remediation processes to completion within the Cyber Security organization.
• Build strong partnerships with key technology partners, Risk, Cyber Security, and IT areas outside of immediate team
• Evaluate and understand findings within the pipeline to help ensure proper planning of priorities and resources.
• Facilitate communication across teams to meet project requirements and deliverables associated with identified findings, milestones and deliverables.
• Work with subject matter experts to create and maintain remediation strategies, tasks, and documentation related to action plan milestones and deliverables.
• Assist with regulatory, audit, and compliance exams, ensuring required information is provided in a timely manner.
• Support governance and operational departments with policy, standard, and procedure updates.
• Collect, maintain, ensure accuracy and integrity for tracking of project plan deliverables.
• Provide status tracking, updates and reporting to various levels of leadership.
• Schedule and facilitate meetings.
• May lead initiatives and projects.

Required Skills

• Excellent verbal and written communications; ability to explain risks and issues, and IT related concepts clearly and concisely.
• Proven ability to work with technology and business owners, information security, risk , compliance, and audit teams to ensure clear communications among all parties.
• Ability to effectively communicate complex technical solutions in business terms with internal/external entities, and various levels of leadership.
• Working knowledge of recognized frameworks.
• High performer, driven and has positive 'can do' approach to problem solving

• 1-3 years of IT GRC, information security, and/or audit experience.
• Track record of successful project deliverables on time, within budget, and met objectives.

Preferred Qualifications:

• Experience in using Archer or other related systems.
• Experience using Azure Dev Ops or similar agile toolsets.
• Experience with technical writing.
• Experience processing, analyzing, or working with several different types of data, including risk ratings, control, and metrics.
• Ability to collect, analyze, and disseminate information with attention to detail and accuracy.
• Knowledge of control testing and associated tests in relation to project plan implementation
• Certification (CISM, CISA, CySA+, Security+ or CRISC).