Job Overview
The Information Security Program Lead Analyst plays a pivotal role in steering initiatives to support governance, risk and compliance for the Chief Information Security Officer (CISO). The primary objective of this position is to ensure that information security directives and activities align with the organization's cyber and information security policy.
-----------------------------------
Key Responsibilities
* Produce monthly IS metrics for multiple legal entities and regional governance bodies.
* Prepare periodic IS reports for senior management summarizing the risk posture for the business.
* Provide guidance on audit preparation, resolve audit findings, and ensure closure.
* Assist with strengthening controls and processes to pass audits with satisfactory ratings.
* Prepare and manage responses to regulatory bodies on behalf of the CISO regional leadership.
* Prepare management information.
* Support governance of risk exceptions, issues, and corrective action plans.
* Evaluate and execute approvals and reviews as needed.
* Engage proactively with counterparts and teams to enhance risk oversight.
* Establish communication channels with cross-sector ISOs to strengthen relationships.
* Bid strong stakeholder management skills to influence and communicate cyber risk effectively.
* Focus on process improvements, remove deficiencies, and enhance current tools to reduce the overall risk profile.
* Participate in the IS community on committees and cross-business/functional opportunities.
* Attend and participate in internal/external forums and risk committees as required.
* Demonstrate extensive understanding of IS standards and best practices across multiple disciplines.