Remediation Governance Analyst – Cyber Security Assurance

Job Description:

Remediation Governance Analyst – Cyber Security Assurance - is a member of the Global Information Security (GIS) Cyber Security Assurance (CSA) organization's Enterprise Remediation team, overseeing remediation, exceptions and consequence for vulnerabilities and findings across the company.

Primary Responsibilities: 
1.    Creation of formal Risk Forum and Committee reporting/materials highlighting trends and actions required from CIO/FLU (Front Line Unit)teams
2.    Support internal and external risk partner efforts by gathering and packaging evidence, including data exports and commentary 
3.    Support UAT testing in Continuous Monitoring (CM) for enhancements, bug fixes and new requirements
4.    Execute governance routines to ensure appropriate review and timely disposition and sustainability of information security vulnerabilities
5.    Data analytics to support identification of thematic issues across remediation functions and ensure appropriate visibility with senior leaders by supporting escalation routines
6.    Support QA/QC routines and controls to ensure focus on risk reduction within defined timelines, as expansion of workstreams requiring oversight continues

This is an individual contributor role with no staffing, compensation, or budget accountability

Required Skills:
•    Strong knowledge of the Continuous Monitoring (CM) tool as well as ROCK and CDV (Cloudera Data Visualization)
•    Strong subject matter expertise in risk management, evidence gathering/packaging and governance 
•    Executive presentation and excellent written/verbal communication skills
•    Strong attention to detail in all situations
•    Excellent influencing, problem resolution and interpersonal skills
•    Ability to be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding and management levels
•    Excellent skills with Excel for data management, analysis and manipulation, creating pivot tables, etc. 
•    Expert use of Microsoft Word and PowerPoint
•    Technical background to include structured query language (SQL), Python, Business Intelligence (BI) tools, and SDLC concepts
•    Critical thinker and logical problem solver. Ability to understand a problem, explore solutions and present them with pros, cons and other considerations. Ability to determine connections, identify trends, and evaluate data to find efficiencies 
•    Strong organizational and time management skills, as well as the ability to be a self-starter and work independently
•    Demonstrates intellectual curiosity
•    3-5 years of relative experience

Enterprise Role Overview - Provides support to information security officers who partner directly with line of business leaders. Has a deep understanding of the business and information security in order to have specialized information security risk-based discussions. Utilizes knowledge of application development and/or application security, including the Software Delivery Life Cycle from design, testing and deployment to post production. May participate in more complex Secure by Design efforts as new technology is deployed. Ensures technology is secure when used by partners and vendors. Provides guidance and expertise to information security officers on risk elements associated with each step of the Secure by Design process to ensure adherence to information security policies. Typically has 3-5 years of relevant experience.

Shift:

Hours Per Week: