AVP, Security Engineering Controls Program Analyst

About The Position

Requirements

• Bachelor’s degree in Information Technology , Cybersecurity, Business Administration, or related field preferred; or equivalent relevant experience.
• 1–3 years of experience in program/project coordination, technology operations, GRC support, risk/compliance, or information security.
• Foundational understanding of information security concepts (e.g., access management, logging/monitoring, encryption/data protection, vulnerability management).
• Experience coordinating across cross-functional teams and managing multiple tasks with deadlines.
• Proficiency with common documentation and work management tools (e.g., MS Office/Google Workspace; Jira/Confluence/ServiceNow or similar).
• Ability and flexibility to travel for business as .

Nice To Haves

• Basic familiarity with control frameworks and terminology (e.g., NIST, FFIEC, PCI DSS) and how controls relate to risk.
• Strong written communication skills, including the ability to produce clear documentation and summarize work for stakeholders.
• Strong attention to detail and ability to follow structured processes while improving them over time.
• Collaborative working style with the ability to influence through coordination, follow-through, and relationship building.
• Comfort learning new technical concepts and operating in a dynamic environment with shifting priorities.

Responsibilities

• Support the maintenance of a Security Engineering control library, including mapping controls to enterprise risks and applicable frameworks (e.g., NIST/FFIEC/PCI as applicable).
• Draft, update, and publish control documentation and supporting materials, including control narratives, standards, procedures, and job aids.
• Coordinate evidence expectations by documenting required artifacts, partnering with engineering teams to locate /collect evidence, and tracking retention needs.
• Support integration of control requirements into Security Engineering initiatives by helping manage plans, milestones, dependencies, and deliverables.
• Establish and maintain program execution artifacts such as meeting notes, action logs, RAID logs, status reporting, and milestone tracking.
• Partner with GRC and Risk stakeholders to clarify control intent, support control health discussions, and ensure alignment of documentation and deliverables.
• Assist with periodic control reviews by coordinating inputs, tracking issues/findings, and supporting remediation action tracking.
• Identify opportunities to improve consistency and efficiency in control documentation and evidence collection (e.g., templates, automation ideas, tooling enhancements) and raise recommendations to program leads.
• Prepare materials for stakeholder updates and assist in communicating progress, risks, and blockers to appropriate audiences.
• Perform other duties and/or special projects as assigned.

Benefits

• annual bonus based on individual and company performance
• option to work from home near one of our Hubs or come into one of our offices
• inclusive culture where your individual skills, experience, and voice are not only heard – but valued
• Employee Resource Groups (ERGs)