Governance Lead Analyst
Full Job Title: Governance Lead Analyst
Job Number: R2409-42879
Location: Baltimore, Maryland; Remote
Date Posted: 09/06/2024
As a Lead Analyst, Cybersecurity Governance, you will hold a pivotal role in assisting with building and implementing governance frameworks tailored to our on-site and SaaS environments, including policies, standards and controls, in accordance with legal, regulatory, and contractual requirements. Additionally, this role will be the driving effort in the continued buildout of a comprehensive cybersecurity risk metrics and reporting program.
In this role you will lead, identify, and implement key metrics and dashboards that provide insights, identify gaps and trends, and emerging risks in our cybersecurity program. The right person for this role will possess a deep understanding of data-driven reporting practices and can articulate insights from complex datasets.
Members of the Cybersecurity Governance team are motivated, detail-oriented, and thrive in a collaborative environment where they will add value to key business partners. This position will require you to be adaptive, willing to drive change and innovation, and work in a fast-paced environment requiring collaboration and the ability to organize and prioritize assignments.
Our Cybersecurity team works remotely; however, we prefer you live within driving distance to a corporate office for the occasional office connectivity days. Office locations including Baltimore, Wilmington DE, Charlotte NC, Dallas/Fort Worth, Phoenix/Tempe, Evansville, IN, and Chicago.
Note: Employment-based non-immigrant visa sponsorship and/or assistance is not offered for this specific job opportunity.
Target base salary range is $90 - $120, which is based on various factors including skills, work experience, and location. In addition to base salary, this role is eligible for a competitive additional compensation program that is based on individual and company performance.
Responsibilities:
- Collaborate across the organization on defining and documenting technology and cybersecurity controls.
- Maintain and update the controls matrix in alignment with multiple frameworks, including SOC2, CIS, PCI and NIST 800-53.
- Interact with related disciplines through committees, to ensure the consistent application of policies and standards across all technology projects, systems and services.
- Partner with Stakeholders to manage and implement a comprehensive security risk metrics and reporting program to measure the efficiency and effectiveness of the cybersecurity program for senior management providing insights, trends and recommendations.
- Identify and maintain key performance, risk, and control indicators and risk metrics library that will drive actions and decisions to address areas of risk and improve operational performance.
- Implement solutions to automate and visualize risk metrics reporting through dashboards for key stakeholders using Power BI.
- Apply advanced analytical models to gain additional insights from key risk metrics for data trends and benchmarking.
Qualifications:
- Bachelor's Degree with a focus in Cybersecurity, Information Technology disciplines or equivalent experience.
- Minimum of 3 - 5 years of experience in cybersecurity, technology audit, risk management, or GRC (Governance, Risk and Compliance).
- 3+ years of demonstrated experience in developing cyber security metrics. This includes metrics identification, data collection, and visualization for reporting.
- Knowledge of cybersecurity frameworks, such as NIST, SOC2, and CIS.
- Knowledge of cybersecurity laws and regulations, industry standards and best practices including GLBA 501(b), NYDFS and PCI.
- Experience creating visualizations for executive level presentations using Power BI or other business intelligence tools.
- Strong verbal and written communication and presentation skills with the ability to prepare and deliver complex data in a way that is concise and understandable.
- Strong organizational skills and the ability to manage workstreams and collaborate with technical teams.
- Ability to identify gaps and non-compliance with a standard.
Who we Are: OneMain Financial (NYSE: OMF) is the leader in offering nonprime customers responsible access to credit and is dedicated to improving the financial well-being of hardworking Americans. Since 1912, we've looked beyond credit scores to help people get the money they need today and reach their goals for tomorrow. Our growing suite of personal loans, credit cards and other products help people borrow better and work toward a brighter future.
Driven collaborators and innovators, our team thrives on transformative digital thinking, customer-first energy and flexible work arrangements that grow lives, careers and our company. At every level, we're committed to an inclusive culture, career development and impacting the communities where we live and work. Getting people to a better place has made us a better company for over a century. There's never been a better time to shine with OneMain.
Because team members at their best means OneMain at our best, we provide opportunities and benefits that make their health and careers a priority. That's why we've packed our comprehensive benefits package for full- and some part-timers with:
- Health and wellbeing options for team members and their dependents
- Up to 4% matching 401(k)
- Employee Stock Purchase Plan (10% share discount)
- Tuition reimbursement
- Continuing education
- Bonus eligible
- Paid time off (15 days' vacation per year, plus 2 personal days, prorated based on start date)
- Paid holidays (7 days per year, based on start date)
- Paid volunteer time (3 days per year, prorated based on start date)
- And more
#LI-DWB
OneMain Holdings, Inc. is an Equal Employment Opportunity (EEO) employer. Qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship status, color, creed, culture, disability, ethnicity, gender, gender identity or expression, genetic information or history, marital status, military status, national origin, nationality, pregnancy, race, religion, sex, sexual orientation, socioeconomic status, transgender or on any other basis protected by law.
#J-18808-Ljbffr