Security Data and Risk Analyst

Summary

Join Ivanti's Information Security Risk Management Team and lead the execution of multiple functions, including creating security-relevant KPIs and KRIs, developing dynamic dashboards and presentations, managing Security Council workstreams, tracking key milestones, supporting weekly briefs, and enabling multi-tiered risk and security reporting. This role requires rapid-paced learning, flexible responsiveness, and self-starting initiative to improve reporting and risk functions. The primary focus is generating enterprise visibility and understanding of major risk and security issues. Success in this role depends on critical thinking, independent work, and completing challenging projects. A background check is required. You will leverage your expertise in evaluating information, communicating complex ideas, preparing briefings, and functioning in a fast-paced environment. Knowledge of cybersecurity threats, vulnerabilities, risk management, and cybersecurity principles is essential.

Requirements

• Understand and speak to corporate and technology information/cyber security from experience in different environments
• Articulate risk and risk management as realistic, measurable harm
• Develop and implement structured, effective and data-driven reporting, metrics and dashboards
• Coordinate, chair and/or present data to management, leadership and C-suite stakeholders in their languages
• Develop automation for data gathering, analysis and presentation
• Educate as well as inform audiences of a wide variety of security and risk expertise, including building libraries of material to support understanding of benefits and costs of security management
• Perform additional job duties as required
• Show evidence/talk in great detail about how they generate KPIs, KRIs and OKRs, a history with leadership reporting and their approach to developing new metrics
• Evaluate information for honesty, accuracy, and relevance
• Communicate complex information, concepts, or ideas in a confident and well-organized manner
• Prepare and present briefings; Produce technical documentation
• Function effectively in a dynamic, fast-paced environment
• Think critically; Work autonomously and manage time, projects, and tasks effectively
• Understand the basic concepts and issues related to cyber and its organizational impacts
• A minimum of a bachelor’s degree, preferably in information systems or data analytics with three years security experience, or a degree in any field plus five years security experience
• Five years minimum (can overlap with security experience) conducting reporting operations such as presentations, metrics, dashboards, KPIs, KRIs, OKRs
• Two years full time or aggregated over longer period executing/leading project management efforts in a technology-related arena
• Can show evidence has created effective KPIs, KRIs and OKRs and a means to measure and report each
• Familiarity with the following: NIST, ISO, SOC2, FedRAMP, Privacy, GDPR and DORA principles
• Experience with cloud, onprem, corporate, remote and transformative environments

Responsibilities

• Take ownership of and create awareness around security-relevant key performance and key risk indicators
• Create dynamic dashboards and presentations
• Manage the Security Council workstreams, including coordinating stakeholders updates
• Track and report on key milestones/objectives
• Support weekly briefs
• Enable multi-tiered risk and security reporting

Preferred Qualifications

• Project Management information technology/security lead experience that included building own metrics and presentations
• Risk Management information security/cybersecurity lead experience including building own metrics presentations
• FAIR (Factor Analysis of Information Risk) modeling experience and expertise
• Security certifications (ex. CISSP), Project Management certifications (ex. PMP), Risk Management certifications (ex. COBIT, CRISC) or Information Technology certifications (ex. ITIL)