Governance Analyst III: Business analyst responsibilities include governance over end-to-end vulnerability management lifecycle including monitoring completeness/accuracy of scan jobs, analysis and requirements gathering, documenting processes, updating standards/procedures/job aids, evaluate compliance, track remediation and closure of vulnerabilities.

Responsibilities

• Work with teams to support disposition of open vulnerabilities, assist with documenting non-compliance with requirements via exceptions and issues management processes.
• Create and maintain governance documents for new processes; assist in updating changes to existing governance documents (standard/procedures/processes).
• Perform review of governance requirements, including documentation, to ensure applicable requirements (including Regulatory) are met.
• Document security controls to various frameworks and conduct periodic assessments for compliance.
• Participate in stakeholder engagements, document requirements, resolutions, and control guidelines.
• Facilitate information requests and related reporting activities across various stakeholders.
• Participate in process design meetings, document processes into formalized procedures and job aids.
• Execute daily/weekly/monthly governance monitoring activities
• Demonstrate ability to understand business processes and how they align to internal policy, standards, procedures, and regulatory requirements.
• Collaborate with team members to assess progress of deliverables.

Requirements

• Must have strong analytical skills, be detail oriented and customer/stakeholder focused
• Must be able to interpret data and apply business logic
• Effective oral, presentation, and written communication skills
• Governance and Compliance skills including creating documentation, evaluating compliance, documenting and assessing security controls.
• Ability to build and deliver presentations to all levels of the business and effectively explain complex issues and concepts in simple, understandable language.
• Working knowledge of NIST Cybersecurity framework (CSF), NIST 800-series, NIST Risk Management Framework (RMF)
• Proven 5 years of work experience as a Cybersecurity governance/compliance analyst
• Ability to work independently but also comfortable working and contributing within a team environment.
• Strong Excel, PowerPoint and Visio skills
• Certifications: CISA, CRISC, CIA, CISM, and/or CISSP are a plus.
• The hourly range for roles of this nature are $50 to 80/hr. Rates are heavily dependent on skills, experience, location and industry.
• CyberThink is an Equal Opportunity Employer