Sr. Analyst, Cyber Risk Governance & Reporting
About The Position
A Senior Risk Governance and Reporting Technology Analyst reports to the Information Security and Technology Risk department. In this role, you will support a technology team to document, report, and track findings derived from risk-based discussions across the organization. This role will help ensure leaders maintain clear, actionable, and forward-looking visibility into risk priorities based on information security policies, controls, audits, and regulatory requirements. The individual will work to ensure information security risks are proactively managed, effectively controlled, and/or remediated through data-driven insights, modern reporting practices, and emerging technologies such as AI-enabled analytics.
Requirements
- 4+ years of experience in information security, technology risk, governance, or audit-related roles preferred
- 1+ year of cyber security risk assessments
- Strong analytical skills with the ability to interpret data and translate it into meaningful risk insights
- Effective communication and interpersonal skills; self-motivated with a willingness to take on challenges and adapt to change
- Excellent organizational, time management, and prioritization skills with strong attention to detail and ability to manage multiple tasks
- Ability to interface effectively with all levels of staff and management, including executive stakeholders
- Understanding of cybersecurity principles, frameworks, and best practices (e.g., NIST, ISO, or similar)
- Ability to work independently while contributing to team deliverables in a fast-paced environment
Nice To Haves
- Bachelor’s Degree in Information Systems or related field
- Familiarity with data visualization tools (e.g., Power BI, Tableau) and an interest in AI-enabled reporting or automation tools is a plus
- Attestation engagements (Sarbanes Oxley, NYDFS, SOC 1 or SOC 2, etc.)
Responsibilities
- Build strong relationships and engage frequently with technology and business leaders to align on risk priorities and drive accountability
- Coordinate day-to-day governance activities required to deliver secure, resilient, and compliant technology solutions on time
- Act as a liaison among Information Security, Enterprise Risk Management, Corporate Compliance, and Audit teams as required
- Maintain knowledge of current and emerging technologies, including cloud, AI/ML, and automation, to effectively assess and contextualize risk
- Promote awareness of current security policies and standards, including updates, and provide consistent interpretation and guidance
- Schedule, coordinate, and/or facilitate meetings, capturing key decisions, risks, and action items with a focus on outcomes and accountability
- Track scheduled activities, milestones, and metrics, delivering executive-level reporting that highlights risk exposure, trends, business impact, and remediation progress
- Develop and enhance dashboards (e.g., CISO and related reporting) using modern visualization tools to provide real-time or near-real-time insights into cybersecurity posture
- Leverage data analytics and AI-driven capabilities to improve risk identification, prioritization, and reporting, including trend analysis and anomaly detection
- Work collaboratively across teams to document, report, and track findings and risks impacting applications, products, services, and tools
- Develop and manage remediation plans, including scope definition, success criteria, milestones, deliverables, and evidence of risk mitigation
- Contribute to evolving reporting from static metrics to actionable insights, including risk quantification and business impact alignment
Benefits
- 401K matching
- health benefits
- employee stock options
- paid time off
- volunteer time off
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
