Senior Technical Governance Analyst-Corpsec

Company: Toast
Location: Boston, MA, USA
Salary: $102000 – $163000
Type: Full-Time
Degrees
Experience Level: Senior

Requirements

  • 5+ years of experience in corporate security, security governance, risk management, IT security, or compliance.
  • Strong understanding of cybersecurity controls, risk management, incident response, cloud security, corporate IT security, and SaaS governance best practices.
  • Proven ability to lead and manage security initiatives and drive cross-functional collaboration.
  • Excellent written and verbal communication skills with the ability to explain complex security concepts to a non-technical audience.
  • Ability to identify and solve complex security problems in a fast-paced environment.
  • Familiarity with industry security frameworks such as NIST CSF, ISO 27001, SOC 2, CIS Benchmarks.
  • Knowledge of identity and access management (IAM), endpoint security, and corporate security tools.
  • Strong ability to engage cross-functional teams and influence stakeholders at all levels.
  • Excellent analytical, problem-solving, and communication skills.

Responsibilities

  • Support key initiatives such as Data Governance Oversight, End Protection/Hardware Inventory, BYOD controls, SaaS Posture Management/Software Inventory, Third Party Risk Management, and Identity Credential and Access Management.
  • Develop and implement governance policies, controls, and best practices to enhance security across corporate IT and workforce systems.
  • Define and maintain security baselines for corporate IT infrastructure and workforce tools, ensuring alignment with industry frameworks (e.g., NIST CSF, CIS, ISO 27001, SOC 2).
  • Partner with IT and Security teams to enhance the security posture of corporate systems, including endpoint management, email security, collaboration tools, and SaaS solutions.
  • Work with business system and application owners to embed security principles into technology decisions and procurement processes.
  • Act as a liaison between business teams and security teams to ensure business, security and compliance objectives are met.
  • Support corporate security risk assessments, identifying and overseeing mitigation of security risks in alignment with business objectives.
  • Track and report on security governance KPIs and risk metrics, driving continuous improvement.
  • Partner closely with the IT team to ensure corporate systems are managed appropriately and meet security objectives.
  • Work with the Security team to implement monitoring and detection capabilities that support workforce security objectives.
  • Support vendor security review process, ensuring robust security assessments for third-party SaaS vendors and partners.
  • Collaborate with Legal, Procurement, and Security teams to assess vendor security postures and ensure contractual compliance with security requirements.
  • Monitor vendor risk exposure and recommend remediation strategies for high-risk vendors.
  • Foster a strong security culture within the organization through training, awareness programs, and ongoing communication.

Preferred Qualifications

  • Relevant security certifications (e.g., CISSP, CISM, CISA, CCSP).
  • Experience working with GRC tools (e.g., AuditBoard, OneTrust, ServiceNow GRC, Vanta, Drata).
  • Understanding of regulatory requirements such as GDPR, CCPA, HIPAA, or SOX.
  • Experience supporting security governance in a remote or hybrid workforce environment.