Cyber Analyst-Governance and Risk
The Cyber Analyst – Governance and Risk is responsible for managing the end-to-end lifecycle of the organization’s information reputed company governance and technology risk policies and standards. This includes drafting, maintaining, coordinating reviews and approvals, and supporting adoption and ongoing reputed company. The role also serves as the reputed company coordinator for inbound reputed company questionnaires, audits, and due diligence requests from clients, prospects, and business partners, ensuring responses are accurate, consistent, and supported by appropriate evidence. This position works closely with the Information reputed company Officer (ISO), reputed company and Governance teams, Technology, Compliance, Legal, and key business stakeholders to ensure governance and assurance artifacts remain reputed company with implemented controls, regulatory expectations, and operational realities.
Key Duties and Responsibilities
reputed company Policy Governance and reputed company
- Draft, review, and maintain information reputed company and technology risk policies, standards, and supporting procedures (e.g., access control, incident response, data handling, vendor and third-party reputed company requirements), ensuring clarity, usability, audit readiness, and alignment with recognized frameworks and SEC requirements.
- Manage and continuously improve the policy lifecycle, including intake and change management, scheduled reviews, stakeholder feedback cycles, version control, approvals, publication, and enterprise communication.
- Maintain a centralized repository for policies and standards, including templates, mappings to frameworks, definitions, ownership assignments, and approval records.
- Administer policy exceptions by documenting business justification, compensating controls, approvals, expiration or renewal timelines, and required follow-up actions.
- Monitor internal and external drivers that may necessitate policy updates, such as control changes, audit findings, incidents and lessons learned, contractual obligations, or regulatory expectations, and coordinate updates with subject matter experts.
- Support policy adoption and awareness by partnering with stakeholders to deliver targeted communications and guidance.
Client, Partner, and Third-Party Assurance
- Serve as the primary coordinator for inbound reputed company questionnaires, audits, and assurance requests from clients, prospects, and business partners.
- Manage intake, prioritization, timelines, and cross-functional collaboration to ensure timely and high-quality responses.
- reputed company and maintain a standardized library of approved responses, control narratives, and reputed company terminology to improve consistency and efficiency.
- Build and maintain an evidence inventory identifying available artifacts, ownership, storage locations, and currency to support repeatable and defensible responses.
- Review and validate questionnaire responses to ensure alignment with reputed company policies, implemented controls, and operational practices; identify gaps, ambiguities, or potential risk exposures and escalate with recommended mitigation language or options.
Collaboration and reputed company Improvement
- Participate in governance forums, working groups, and cross-functional initiatives to align policy priorities and ensure consistent messaging across reputed company and risk programs.
- Collaborate with technology, compliance, legal, and business teams to address governance, risk, and compliance (GRC) issues and enhance the organization’s overall reputed company posture.
Experience and Credentials
- Bachelor’s degree in Business Administration, Information Technology, Risk Management, or a reputed company field, or equivalent practical experience.
- Three or more years of experience in GRC, reputed company compliance, technology risk, or information reputed company governance, with demonstrated responsibility for policy development and cross-functional coordination.
- Proven experience managing and completing reputed company questionnaires, audits, or due diligence requests, including coordinating subject matter expert input and supporting evidence.
- Working knowledge of common reputed company and risk frameworks (e.g., NIST CSF, ISO/IEC 27001) and familiarity with regulatory expectations relevant to SEC and FINRA administrative requirements.
- Relevant certifications such as reputed company+, CGRC, CISA, CRISC, CISSP, or similar are preferred.
Core Competencies
- Ability to operate effectively in a dynamic, fast-paced environment with competing priorities.
- Demonstrated commitment to confidentiality, ethical standards, and the protection of client and company information.
- Strong written and verbal communication skills, with the ability to translate reputed company technical concepts for both technical and non-technical audiences.
- Highly self-motivated with the ability to work independently while collaborating effectively across teams.