Senior Security Analyst - Cybersecurity Reporting

As a Senior Cybersecurity Analyst specializing in Metrics and Reporting, you will play a critical role in shaping the cybersecurity posture of our organization. Your primary responsibility will be to develop and maintain comprehensive cybersecurity metrics that align with industry frameworks and standards. These metrics will be utilized by various committees and leaders to assess our cybersecurity program's effectiveness and track progress against defined goals.

What you'll be doing:

• Develop and implement a robust set of cybersecurity metrics that align with industry frameworks such as NIST Cybersecurity Framework, CIS Controls, ISO 27001, etc.

• Collaborate with key stakeholders to understand business objectives, risk appetite, and regulatory requirements to tailor metrics accordingly.

• Define clear and measurable key performance indicators (KPIs) to evaluate the effectiveness of cybersecurity controls, processes, and technologies.

• Design and produce regular reports and dashboards that provide insights into the organization's cybersecurity posture, including trend analysis, benchmarking against industry peers, and highlighting areas for improvement.

• Work closely with the cybersecurity team to collect relevant data, analyze trends, and identify areas of concern or improvement.

• Assist in presenting findings and recommendations to leadership and governance committees to facilitate informed decision-making and prioritize cybersecurity initiatives.

• Continuously evaluate and refine the metrics framework to ensure relevance, accuracy, and alignment with evolving business needs and emerging threats.

• Stay current with industry trends, best practices, and regulatory developments related to cybersecurity best practices and reporting.

What we'll want you to have:

• 3+ years of experience in a data analysis or reporting role with an understanding of cybersecurity concepts

• Understanding of cybersecurity frameworks, standards, and regulatory requirements (e.g., NIST CSF, CIS Controls, ISO 27001, GDPR, etc.).

• Proficiency in data analysis and visualization tools (e.g., Excel, Tableau, Power BI) to translate raw data into meaningful insights and actionable recommendations.

• Strong communication skills, with the ability to convey complex technical information to non-technical stakeholders in a clear and concise manner.

• Proven track record of working effectively in cross-functional teams and managing multiple priorities in a dynamic environment.

• Relevant certifications such as CISSP, CISM, CRISC, or GIAC are a plus, but not a requirement.

• Experience with cybersecurity risk management methodologies and assessment frameworks is a plus.

Join our team and contribute to building a resilient cybersecurity program that protects our organization's assets, reputation, and stakeholders.

#LI-REMOTE