Advisor, Program Effectiveness - Cybersecurity Metrics & Reporting

Gainwell Technologies LLC

3d•Remote

About The Position

Be part of a team that unleashes the power of leading-edge technologies to help improve the health and well-being of those most vulnerable in our country and communities. Working at Gainwell carries its rewards. You’ll have an incredible opportunity to grow your career in a company that values work flexibility, learning, and career development. You’ll add to your technical credentials and certifications while enjoying a generous, flexible vacation policy and educational assistance. We also have comprehensive leadership and technical development academies to help build your skills and capabilities. SummaryThe Advisor, Program Effectiveness – Cybersecurity Metrics & Reporting is a senior individual contributor focused on metrics, reporting, and program effectiveness across cybersecurity functions, with an initial emphasis on vulnerability management. This role designs and standardizes cybersecurity KPIs/KRIs, reporting models, and dashboards using ServiceNow (including VR), Tableau and/or Power BI, and other data sources.Your role in our mission Define and maintain a cybersecurity metrics framework (KPIs, KRIs, OKRs) that supports executive decision-making and demonstrates program effectiveness. Develop and maintain a data dictionary and standardized definitions for all key metrics (what they mean, how they are calculated, and how they should be interpreted). Design and maintain logical and physical data models for cybersecurity reporting, using ServiceNow (including VR and CMDB tables), Tenable, Tanium, Splunk, and other systems as sources. Leverage ServiceNow (including Vulnerability Response, CMDB, and ITSM modules) as a core source of truth for workflow and status metrics.Develop and standardize ServiceNow-based reports, dashboards, and potentially Performance Analytics indicators. Apply best practices in visualization and information design to keep dashboards clear, actionable, and aligned with stakeholder needs. Implement governance for dashboard lifecycle (versioning, ownership, change control). Partner with the Senior Principal, Vulnerability Management to ensure Tenable- and VM-related metrics align with risk models and program goals. Work with Senior Manager(s), Managers, and Supervisors of Security Delivery to understand operational workflows and design metrics that support effective management. Support Security Leadership in using metrics for planning, prioritization, and communication with clients and regulators. Regularly review and refine metrics to avoid metric sprawl and ensure alignment with evolving business and security objectives.

Requirements

6+ years of combined IT, cybersecurity, and/or analytics experience, with:
3–6 years in cybersecurity operations, vulnerability management, or related domains.
Significant hands-on experience in reporting, data analysis, and KPI design.
Strong experience with:
ServiceNow (especially VR, CMDB, ITSM tables, and reporting capabilities).
Cybersecurity data sources such as Tenable, Tanium, Splunk, and similar platforms.

Nice To Haves

Experience in healthcare or public-sector environments and familiarity with associated regulatory drivers.
Prior involvement in building or governing enterprise cybersecurity metrics frameworks.

Responsibilities

Define and maintain a cybersecurity metrics framework (KPIs, KRIs, OKRs) that supports executive decision-making and demonstrates program effectiveness.
Develop and maintain a data dictionary and standardized definitions for all key metrics (what they mean, how they are calculated, and how they should be interpreted).
Design and maintain logical and physical data models for cybersecurity reporting, using ServiceNow (including VR and CMDB tables), Tenable, Tanium, Splunk, and other systems as sources.
Leverage ServiceNow (including Vulnerability Response, CMDB, and ITSM modules) as a core source of truth for workflow and status metrics.Develop and standardize ServiceNow-based reports, dashboards, and potentially Performance Analytics indicators.
Apply best practices in visualization and information design to keep dashboards clear, actionable, and aligned with stakeholder needs.
Implement governance for dashboard lifecycle (versioning, ownership, change control).
Partner with the Senior Principal, Vulnerability Management to ensure Tenable- and VM-related metrics align with risk models and program goals.
Work with Senior Manager(s), Managers, and Supervisors of Security Delivery to understand operational workflows and design metrics that support effective management.
Support Security Leadership in using metrics for planning, prioritization, and communication with clients and regulators.
Regularly review and refine metrics to avoid metric sprawl and ensure alignment with evolving business and security objectives.