Alliance/Partner Management, Analysis Skills, Atlassian JIRA, Automation, Banking Services, Billing, Business Intelligence, Business Intelligence Software, Business Support, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Cadence, Cloud Computing, Communication Skills, CompTIA Security+, Computer Security, Continuous Improvement, Customer/Client Research, Data Quality, Dental Insurance, Documentation, Enterprise Protection, ISO (International Organization for Standardization), ITIL (IT Infrastructure Library), Incident Response, Information/Data Security (InfoSec), Internet Security, Leadership, Machine Tool, Metrics, Microsoft Excel, Microsoft PowerPoint, Operational Measurement, Operations Processes, Operations Security (OPSEC), Performance Metrics, Power BI, Presentation/Verbal Skills, Problem Solving Skills, Project Estimates, Qlik, Quality Assurance, Reporting Dashboards, Requirements Management, Retirement Funds, Risk, Risk Analysis, Risk Management, Sales, Security Analysis, ServiceNow, Software Development Lifecycle (SDLC), Splunk, Storytelling, Tableau, Taxonomies, Team Player, Technical Leadership, U.S. National Institute of Standards and Technology (NIST), Vision Plan, Web Analytics, Willing to Travel, Writing Skills
Information Security Analyst (Senior Security Metrics & KRI Design Analyst)
Alternate Job Titles:
Senior Cybersecurity Metrics Analyst
Cyber Risk Reporting & KRI Governance Lead
Security KPI/KRI Program Analyst
Information Security Business Intelligence Analyst
Cyber Risk Performance Measurement Consultant
Location & Work Model
Mount Laurel, NJ
Hybrid (if located near a hub) or Remote (if not near a hub)
Contract Details
Position Type: Contract
Contract Duration: 8 Months
Start: As Soon As Possible
Schedule: Monday–Friday, Core Business Hours (40 hours/week)
Overtime: No
Travel: No
Extension and conversion possible based on business needs and performance.
About the Opportunity
We are hiring a Senior Security Metrics & KRI Design Analyst to support a strategic project within Global Security & Defense. This role focuses on uplifting the enterprise security reporting and governance framework across GRC and cybersecurity domains.
You will join a 10-person collaborative team and partner closely with cyber domain leaders and executive stakeholders. This position offers high visibility with leadership and the opportunity to build long-term impact within a Top 10 North American bank.
Role Overview
The Senior Security Metrics & KRI Design Analyst is responsible for defining, governing, and driving adoption of enterprise security performance metrics, including Key Risk Indicators (KRIs), Key Performance Indicators (KPIs), and operational security metrics.
You will collaborate with IAM, SOC, Vulnerability Management, Cloud Security, AppSec, GRC, and Third-Party Risk teams to translate risk appetite and strategy into measurable, automated, and trusted outcomes.
Ownership includes the full lifecycle:
Strategy → Design → Stakeholder Alignment → Implementation → Data Quality → Reporting → Continuous Improvement
Approximately 25% of time will be spent in stakeholder meetings with internal partners.
Key Responsibilities
Metrics Strategy, Design & Standardization
Lead design and evolution of enterprise security metric taxonomy
Develop and maintain a centralized Security Metrics Library
Define metric formulas, thresholds, tiering, and escalation logic
Align metrics with enterprise risk appetite, OKRs, and regulatory expectations
Stakeholder Engagement & Socialization
Facilitate workshops with security and technology leaders
Align on definitions, thresholds, ownership, and action plans
Translate technical security outcomes into executive-level insights
Partner with ERM, Audit, Compliance, and Technology teams to drive adoption
Implementation & Automation
Implement metrics within BI and reporting platforms (Power BI, Tableau, Qlik)
Partner with data engineering to automate reporting feeds
Define source-to-metric data mapping and validation standards
Establish repeatable operational procedures and governance checkpoints
Executive Reporting & Insights
Develop executive dashboards and reporting packages
Deliver trend analysis, root cause insights, and leading vs lagging indicators
Prepare presentation materials and narrative summaries
Ensure metrics influence decision-making, not just reporting
Data Quality & Governance
Implement controls for accuracy, completeness, and traceability
Conduct quarterly metric definition reviews
Reduce manual reporting and enforce governance standards
Required Qualifications
Required Experience
8+ years in cybersecurity metrics, cyber risk reporting, GRC, cyber operations, or InfoSec business intelligence
Strong understanding of:
SOC / Incident Response
Vulnerability Management
IAM / PAM
Cloud Security
AppSec / SDLC Security
Third-Party Risk
Advanced Excel skills
Strong PowerPoint and executive storytelling ability
Experience with at least one BI tool (Power BI, Tableau, or Qlik)
Soft Skills
Excellent written and verbal communication
Comfortable presenting to executive audiences
Strong facilitation and workshop leadership
Proactive, ownership-driven mindset
Preferred Qualifications
Experience with NIST CSF, NIST 800-53, ISO 27001, CIS Controls
Experience with tools such as Splunk, Sentinel, CrowdStrike, Qualys/Tenable, ServiceNow (IRM/GRC/SecOps), or Archer
Certifications such as CISSP, CISM, CRISC, Security+, or ITIL Foundation
Experience building KPI/KRI governance programs
Prior banking or financial institution experience
Education
Post-secondary education is a plus; relevant professional experience is prioritized.
Performance Measurement
Performance will be measured by meeting defined deliverables, adherence to timelines, and successful stakeholder adoption of reporting frameworks.
Benefits
Medical, Vision, and Dental Insurance Plans
401k Retirement Fund
About The Company
Top 10 bank in Canada and North America offering comprehensive financial solutions. Providing retail, commercial, wealth management, and wholesale banking services, we help clients thrive in today's evolving market.
About GTT
GTT is a minority-owned staffing firm and a subsidiary of Chenega Corporation, a Native American-owned company in Alaska. As a Native American-owned, economically disadvantaged corporation, we highly value diverse and inclusive workplaces. Our clients are Fortune 500 banking, insurance, financial services, and technology companies, along with some of the nation’s largest life sciences, biotech, utility, and retail companies across the US and Canada. We look forward to helping you land your next great career opportunity!
Job Number: 26-01537
#LI-GTT #LI-Hybrid