Security Analyst

Job Summary

We are seeking a detail-oriented and analytical professional to support Information Security and Governance, Risk, and Compliance (GRC) functions. The role focuses on analyzing complex data, identifying risk trends, and providing actionable insights to support business and security decision-making. The candidate will collaborate across IT and business teams to ensure risk mitigation strategies and security controls are effective and aligned with organizational needs.

Key Responsibilities

• Review and analyze complex data sets to generate insights, conclusions, and actionable recommendations
• Provide direction and guidance on reports and analyses, ensuring alignment with business and customer needs
• Recommend risk mitigation strategies and ensure appropriate standards are defined and met in coordination with ISD ECM
• Escalate high-risk change activities for proper risk treatment
• Identify operational roadblocks and drive timely remediation and countermeasures
• Collaborate with Information Security and cross-functional IT/business teams in a coordinated, goal-oriented manner
• Support achievement of organizational and area objectives
• Provide professional support for major components of the organization’s information security infrastructure
• Collate automated and self-identified risk findings for reporting and analysis

Required Qualifications

• Bachelor’s degree in Computer Science or related discipline, or equivalent work experience
• Experience in GRC (Governance, Risk, and Compliance) or information security-related roles
• Strong experience with business intelligence and reporting tools, including SQL, DB2, Power BI, Business Objects, Qlik, Tableau, Excel, and PowerPoint
• Strong analytical, troubleshooting, and problem-solving skills
• Understanding of SDLC (System Development Life Cycle) concepts
• Excellent written and verbal communication skills
• Strong time management skills with the ability to work independently and make decisions
• Self-motivated and a strong team player

Preferred Qualifications

• Advanced degree preferred
• General understanding of Identity and Access Management (IAM) principles
• Working knowledge of cybersecurity frameworks (e.g., NIST CSF, CRI, ISO)

Technical Skills

• MS Office Suite
• ServiceNow
• Logical and physical database design concepts

Key Attributes

• Strong focus on cyber hygiene, control completeness, and effectiveness
• Analytical mindset with a data-driven approach to risk management
• Ability to operate in a fast-paced, collaborative environment