Overview
As a Security Governance Analyst, you will play a pivotal role in advancing the firm’s cybersecurity efforts. This role provides a unique opportunity to merge your technical expertise and governance skills to significantly impact the firm’s security posture.
Success in this role hinges on your ability to collaborate effectively with diverse stakeholders across technical, legal, compliance, and operational teams. As a trusted partner, you will contribute to the implementation, maturation, and management of a cybersecurity governance framework. You will assess our organization’s performance against the framework, identify areas for improvement, and monitor progress to ensure sustained alignment with regulatory requirements and business objectives.
Your aptitude for fostering consensus, driving initiatives forward, and delivering measurable results will be key to creating an impactful and sustainable cybersecurity governance program. By leveraging your passion for cybersecurity and your drive for excellence, you will thrive in our collaborative environment—where curiosity is celebrated, and every challenge is an opportunity to grow. At Susquehanna, your contributions will directly impact the firm’s resilience and success in a rapidly changing landscape.
In This Role You Will
- Design and implement a comprehensive Cybersecurity Governance framework, aligning with industry standards (e.g., NIST CSF, ISO 27001, SOC 2, CIS Controls).
- Develop and maintain cybersecurity policies, procedures, and standards in collaboration with stakeholders.
- Ensure policies support business objectives and align with regulatory requirements and contractual obligations.
- Lead awareness and training efforts to promote effective cybersecurity behaviors.
- Assess and monitor compliance with internal policies and standards and industry regulations.
- Coordinate internal and external audits, ensuring timely and accurate responses to findings and recommendations.
- Support compliance stakeholders in preparing for and responding to cybersecurity inquiries from regulators.
- Partner with legal, compliance, and business units to ensure alignment of cybersecurity objectives.
- Regularly evaluate and enhance governance practices to address new risks and business needs.
What We're Looking For
- Minimum 5 years in cybersecurity governance, compliance, risk management, or related roles, with a proven track record of building or maturing programs.
- Understanding of financial regulatory requirements and examinations strongly preferred.
- Bachelor's degree in Cybersecurity, Information Systems, Business Administration, or a related field.
- In-depth understanding of cybersecurity frameworks (NIST, ISO 27001, SOC 2, CIS).
- Strong grasp of governance principles, risk management, and compliance methodologies.
- Excellent written and verbal communication skills, with experience presenting to executive audiences.
- Power-user of Business Intelligence and/or Cybersecurity GRC tools a plus.