Information Technology Security Analyst

Job Title: Senior Analyst B – IT Security Governance & Planning Analyst

Job Purpose / Overview

The IT Security Governance & Planning Analyst will be responsible for supporting the development, implementation, and monitoring of cybersecurity governance frameworks, risk management processes, and performance measurement systems. The role ensures alignment with international standards such as ISO 27001, NIST, and industry best practices. The incumbent will play a key role in driving cybersecurity strategy, monitoring KPIs, and providing senior management with actionable insights to strengthen governance and compliance.

Roles & Responsibilities

• Assist in the development and implementation of cybersecurity governance frameworks aligned with ISO 27001, NIST, and other standards.
• Analyze business requirements and translate them into high-level technical and security requirements.
• Conduct security risk assessments, track mitigation efforts, and support incident response planning.
• Perform data analysis to identify security trends, vulnerabilities, and performance gaps.
• Develop and monitor KPIs and metrics to measure effectiveness and compliance.
• Prepare and deliver progress reports, dashboards, and executive-level presentations.
• Collaborate with internal teams to ensure security policies and governance frameworks are adhered to.
• Support continuous improvement of cybersecurity planning, governance, and compliance processes.

Skills & Competencies

• Strong skills in Microsoft Excel, PowerPoint, and data analytics.
• Solid understanding of cybersecurity frameworks (ISO 27001, NIST), risk management, and compliance standards.
• Ability to analyze and interpret complex business/security requirements.
• Strong written and verbal communication skills, with ability to create dashboards, reports, and executive presentations.
• Knowledge of incident response planning and governance best practices.
• Ability to work effectively with senior stakeholders and cross-functional teams.

Experience Requirements

• Minimum 7 years of experience in IT security, governance, risk, compliance (GRC), or strategic planning roles.
• Proven experience in developing KPIs, creating security performance reports, and presenting to senior stakeholders.
• Experience in conducting risk assessments and supporting compliance audits.
• Background in large organizations, preferably in banking, financial services, or technology sectors.

Education & Certifications

• Bachelor’s degree in Computer Science or equivalent field.

Preferred certifications:

• PMP or equivalent project management certification
• ITIL / COBIT (IT governance frameworks)
• CISSP (Information Security)
• TOGAF (Enterprise Architecture)