Summary

The Governance and Reporting Associate will support the firm’s Cybersecurity and Resilience risk management and oversight by driving governance processes, producing high-quality reporting, and ensuring compliance with internal standards and external regulatory expectations.

This role acts as a key link between Cybersecurity teams, risk functions, and senior stakeholders by translating technical risk information into clear, actionable insights. The Associate will coordinate governance forums, track risk and its associate metrics’ performance, and enhance reporting to provide transparency into the organization’s Cyber risk posture and resilience. The Associate also ensures data quality, consistency, and transparency in reporting, while contributing to budgeting and forecasting efforts.

Key Responsibilities

• Governance Committee Coordination
  • Prepare executive-level materials for Cybersecurity and Resilience governance forums, risk committees, and executive reporting cycles.
  • Coordinate inputs from various cybersecurity teams to ensure cohesive and accurate reporting.
  • Maintain reporting calendars and ensure timely delivery of committee decks and regulatory/external submissions.
  • Assist the operations of the governance committees, including coordinating meetings, managing agendas, and ensuring follow-up on action items.
  • Enable proactive management of the risk and control environment through comprehensive reporting and analysis.
• Data Analytics & Data Quality
  • Create, develop and maintain dashboards and reports that provide insights into cybersecurity performance, control effectiveness, and operational metrics.
  • Ensure consistency, accuracy, and traceability of data used in reporting.
  • Conduct regular data validation and reconciliation to ensure integrity and reliability.
  • Collaborate with data and process owners to resolve discrepancies and improve data governance.
• Continuous Improvement
  • Identify opportunities to streamline cybersecurity functions to reduce manual effort and increase efficiency.
  • Lead and support the implementation of automation and workflow solutions for the identified opportunities.
  • Contribute to lessons-learnt activities following audits, regulatory reviews, or cyber events, embedding improvements into processes.
• Budgeting & Forecasting Support
  • Assist cybersecurity leadership and finance teams in budget planning and forecasting.
  • Track actual spend vs. budget and support variance analysis.
  • Provide data-driven insights to inform investment decisions and resource allocation.

Salary Range: $110k-$135k

#LI-DNI

Core Competencies

• Strong understanding of cybersecurity domains and governance practices in financial services.
• Proficiency in data visualization and analytics tools (e.g., Power BI, Tableau, Excel).
• Strong analytical, organizational, and written communication skills using tools such as MS PowerPoint.
• Ability to manage multiple initiatives simultaneously, determine prioritization, and work under minimal supervision.
• Comfort working in a highly global, diverse, and hybrid (office and virtual) work environment.

Education Essential: Bachelor’s degree in Risk Management, Information Technology, Information Systems or a related field

Education Desirable: 

• Advanced degree (MBA, MS) is strongly preferred.
• Relevant industry certifications (CISA, CRISC, CISSP) are strongly preferred.

Experience Essential: Minimum 5+ years of experience in data analytics, operational risk management, compliance, audit, or other data analytics function within financial services or technology environments.

Experience Desirable: Experience delivery complex data analytics and reporting capabilities at global or systemically important financial institutions.

Competencies Essential: 

• Analytical Thinking: Ability to interpret security, risk, and control data and distill it into meaningful insights.
• Attention to Detail: Ensures accuracy and consistency in reporting and governance documentation. 
• Communication Skills: Strong written and verbal communication, capable of tailoring messages to both technical and non-technical stakeholder (including senior management and regulators).
• Stakeholder Management: Ability to collaborate across multiple lines of defense, business units, and external regulator/auditors.
• Problem Solving: Proactive identification of gaps, issues, and areas for improvement in cyber governance and reporting processes.
• Adaptability: Able to pivot and respond to evolving regulatory requirements, incidents, and ad-hoc reporting needs.
•  Confidentiality & integrity: Trusted to handle sensitive information with discretion and professionalism.

Skills and Knowledge Essential: 

• Microsoft Suite Proficiency: Skilled in navigating Microsoft Suite of products for analysis and reporting e.g., Excel, PowerPoint.
• Technical Proficiency: Familiarity with relevant tools and technologies, including SQL, data visualization tools (like PowerBI, Tableau), and potentially programming languages. 
• Reporting & Metrics: Strong skills in developing executive-level dashboards and reporting packs (Board, CISO, Risk Committees).
• Risk and Controls: Understanding of operational risk, cyber risk taxonomy, Key Risk Indicators (KRIs/KC