Governance Analyst

About The Position

Requirements

• Bachelor's degree in IT or related field
• 3+ years of experience in a governance, security, compliance or audit role
• Understanding of IT frameworks (COBIT, NIST, CMF, FAIR).
• Awareness of data governance, risk management and security concepts and related regulations.
• Ability to interpret regulations and frameworks into actionable policies.
• Ability to map processes, assess gaps, and recommend improvements.
• Data analysis and reporting skills for metrics and dashboards.
• Excellent written and verbal skills for translating technical info and presenting to various audiences.
• Ability to create policies, procedures and training materials.
• Skilled at influencing and building consensus across diverse teams, such as IT, Legal, Audit, Compliance, Security, Data, Finance and Risk Management.
• Comfortable presenting governance updates to technical and non-technical audiences.
• Ability to manage multiple projects and initiatives simultaneously.
• Strong prioritization and time management skills.

Nice To Haves

• Certifications preferred (CISA, CRISC, CGRC, CISM).

Responsibilities

• Assist in the development, implementation, and management of IT policies, standards, and procedures.
• Benchmark governance practices against industry standards and frameworks (e.g. NIST, COBIT, IT-CMF).
• Recommend enhancements to frameworks, tools and processes.
• Regularly track compliance status, risk metrics, and governance KPIs.
• Prepare dashboards or scorecards for leadership.
• Monitor and report on IT risks.
• Assist in development and monitor progress of mitigation strategies.
• Facilitate reviews of IT vendors for compliance with governance standards.
• Monitor remediation, if necessary.
• Monitor and report KRIs to ensure timely action for mitigation.
• Support internal/external audits, ensure adherence to regulations (like GLBA, OCC, NYDFS).
• Monitor emerging regulations and update policies/processes accordingly.
• Develop leadership level reporting aroundon regulatory impacts and status of remediation activities.
• Automate compliance tracking and reporting, where possible.
• Evaluate existing governance and operational workflows to find opportunities for streamlining and automation.
• Collaborate with IT, Security, Legal, Internal Audit, ERM and Compliance teams to ensure alignment and communicate governance requirements.
• Act as a governance advisor to IT project teams and ensure new initiatives align with governance and risk requirements.
• Evangelize a culture of accountability and compliance.
• Develop & deliver training session for staff on governance, risk, and compliance requirements.

Benefits

• Competitive Compensation
• Monthly Bonuses for Eligible Employees
• 401(k) and Company Match
• Annual Profit Sharing
• Paid Time Off
• Paid Vacation - starting at 80 hours annually for employees in their first year of service.
• Paid Sick Days - Ten (10) per year with a conversion option for unused time.
• Ten (10) Paid Holidays per year
• Gym Reimbursement
• Health Insurance
• Dental Insurance
• Vision Insurance
• Short-Term and Long Term Disability
• Company Paid Life Insurance
• Flexible Spending Accounts (FSA)
• Health Savings Accounts (HSA)
• Employee Assistance Program
• Parental Leave
• Tuition Assistance
• Networking Opportunities
• Leadership Development Opportunities
• Paid Parking
• Service Awards
• Hybrid work arrangements
• Business casual environment
• A strong organizational culture focused on our greatest asset: you!