Cybersecurity Metrics Analyst

As a Cybersecurity Metrics Analyst, you will play a crucial role in ensuring the security and compliance of our organization. You'll be responsible for analyzing, measuring, and reporting on various security metrics to enhance our overall security posture. Your expertise will guide decision-making and risk management efforts.

Responsibilities

• Passionate understanding and working knowledge of information security fundamentals and risk-based approach to information security.
• Understanding of end-to-end security metrics process including metrics collection, tracking and reporting, including ownership and responsibilities for each activity.
• Define, develop, and implement cybersecurity metrics aligned with industry frameworks, such as NIST CSF, NIST 800-53, ISO27001, PCI and Privacy.
• Strong experience in developing automated tools used to calculate metrics and visualization tools for reporting.
• Ability to analyze data using industry leading tools reporting, including the use of complex macros and scripts for reporting and data mining purposes from multiple sources.
• As directed, to identify, obtain, and cleanse suitable data, in a consistent and repeatable fashion, to design and produce reports and dashboards which provide insights into our organization's cybersecurity posture.

• Collaborate with stakeholders to tailor metrics based on business objectives, risk appetite, and regulatory requirements.
• Passion and expert skills in building elegant and interactive data visualizations of complex information, including drill-down capability.
• Advanced experience in the design and creation of security and compliance metrics and dashboards for Senior Management.
• Advanced skills in Microsoft PowerPoint, Publisher, and Application development experience in one or more of the following environments: .NET, Cold fusion, LAMP, etc.
• Experience with scripting languages (Python, Perl, Bash, PHP, etc.).
• Strong Information Security Industry background, including one or more security certifications (CISSP, CISM, CISA).
• Solid understanding of security concepts.

Qualifications

• Bachelor's degree or equivalent experience, preferably with a technology and/or data analysis and visualization emphasis.
• Expertise in data analysis and visualization using one or more of the following: Microsoft Power BI, Tableau, Alteryx, QlikSense/QlikView, or similar.
• Previous experience with IT security standards and control frameworks is highly desirable.
• Possession of relevant IT and Information Security certifications such as SANS, CISSP, CISA, CISM, or similar is a plus.
• Experience in the manufacturing, information technology, or consulting industry is a plus.

Preferred Education:

• Bachelor's degree

Preferred Experience:

• 5 years

Skills: Other:

• Analysis.
• Assessment/evaluation.
• Consulting.
• Organization.
• Problem identification and resolution.

Skills: Technology:

• Database and application security
• Network administration reporting.
• Network communications technologies.
• Server security policies and procedures, access management.
• Technical documentation.