Role: IT Information Security Analyst – Cyber & Technology Issues Reporting

Location: Mount Laurel, NJ (Hybrid 2 days onsite / 3 days remote; increased onsite expected in 2026)
Type: Contract (8 months) – Extension & Conversion Possible
Openings: 2
Hours: Monday–Friday, 40 hours/week
Start Date: ASAP

 

Overview
We are seeking experienced Cyber/Technology Risk & Reporting professionals to support the Technology & Cyber Issues Reporting and Insights function within Global Security & Defence.

This role is responsible for executive-level reporting, governance insights, and thematic risk analysis across cybersecurity and technology issue portfolios. The position provides high-visibility exposure to senior leadership, risk committees, and enterprise governance forums.

This role does not own remediation — it owns portfolio intelligence, reporting integrity, and governance narrative.

 

Key Responsibilities

Issues Portfolio Reporting & Governance

• Produce recurring reporting for:
• Technology Risk Committees
• Cyber governance forums
• Operational risk committees
• Senior leadership and board-level stakeholders
• Build standardized views of:
• Issue aging, severity, and ownership
• SLA breaches and overdue corrective action plans
• Open vs. closed trends
• Reopen/repeat issue rates
• Systemic or thematic control gaps

3 Lines of Defense Alignment

• Integrate reporting across:
• 1LoD technology & remediation teams
• 2LoD cyber GRC / operational risk
• 3LoD internal audit
• Ensure consistent risk taxonomy, severity classification, and materiality definitions.
• Maintain defensible classification between issues, control gaps, and improvements.

Trend, Root Cause & Thematic Analysis

• Identify:
• Recurring control failures
• Systemic breakdowns (process, tooling, accountability)
• Concentration risks across platforms or teams
• Persistent audit repeats or remediation failures
• Deliver forward-looking risk insights and drivers.

Executive Narratives & Committee Readouts

• Translate data into:
• Clear storylines
• Root causes and drivers
• Risk-impact narratives
• Actionable decisions for leadership
• Prepare executive briefs, talking points, and governance materials.
• Challenge unsupported or inconsistent remediation narratives.

Data Quality, Evidence & Defensibility

• Own reconciliation between systems of record and governance reporting.
• Enforce data quality controls and audit-ready documentation.
• Maintain definitions for:
• Aging calculations
• Breach logic
• Reopen logic
• Closure evidence expectations

Continuous Improvement & Automation

• Enhance reporting visuals, templates, and taxonomy.
• Support automation of reporting feeds (Archer, ServiceNow IRM/GRC, etc.).
• Define dashboard and analytics requirements.

 

Required Experience

Must-Have

• 8+ years in cyber/technology risk, audit reporting, cyber GRC, issues management, or enterprise operational risk.
• Proven experience building executive reporting packs covering:
• Issue health & remediation
• Audit/regulatory outcomes
• Control performance
• Strong knowledge of:
• Issues lifecycle & CAP governance
• Severity rating frameworks
• Risk/control relationships and materiality

 

Soft Skills

• Exceptional executive writing and storytelling.
• Strong stakeholder influence and executive presence.
• High attention to detail and reporting accuracy.

 

Nice-to-Have

• Experience in highly regulated industries (financial services, insurance, healthcare).
• Familiarity with frameworks:
• NIST 800-53 / NIST CSF
• ISO 27001
• COBIT
• Tools exposure:
• Archer, ServiceNow IRM/GRC, MetricStream
• Jira
• Power BI or Tableau
• Certifications such as CRISC, CISA, CISSP, or CISM.

Work Environment

• Hybrid in Mount Laurel, NJ (remote possible for exceptional candidates within commuting distance).
• Collaborative 10-person team with strong leadership visibility.
• Opportunity for long-term growth and enterprise exposure.

Success Measures

• Improved transparency and consistency in issue reporting.
• Reduced reporting disputes through strong governance and definitions.
• Early detection of systemic control gaps.
• Audit- and regulatory-defensible committee materials.
• Increased leadership confidence in cyber/technology risk posture.

 
 
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 80.00/hr.