Cyber Security Governance & Customer Trust Senior Analyst – Blackbaud – Trenton, NJ
Note: We may earn a commission from products or services when you click on a link and make a purchase.
About the job
The Cyber Security Governance Analyst will be responsible for working with maturing our Cyber Security Program and supporting activities related to development and maintenance of policies, standards, procedures, and controls, Customer Trust & Sales Enablement, and Control Framework Assessments & Evaluation. Additionally, the Cyber Security Governance Analyst will be working with the broader security team to mature our program, assess security risks, and communicate/facilitate remediation of those risks.
What You Will Be Doing
- Develop and mature Blackbaud’s Cyber Security related policies, standards, and procedures in line with industry best practices
- Design, implement, and manage policies, standards, procedures, and controls to protect the confidentiality, integrity, and availability of the organization’s information assets.
- Utilize frameworks and regulation guidelines to build policy/ standards/ procedures
- Work with appropriate business and IT stakeholders for alignment and approval of policy/standard/framework
- Work with Change Management team to socialize and educate on policy/standard/procedure updates
SEE ALSO: Cyber security analyst median salary
Continue to Build a Strong Security Program
- Control Framework Assessments & Evaluation
- Assessment of the Cyber Security Program utilizing NIST Cyber Security Framework and determine areas of risk and remediations needed
- Assessing metrics on Information Security Program
- Evaluate and recommend new and emerging security products and technologies
Assess and mitigate risk
- Maintenance and further development of the Cyber Security Risk Register with the Galvanize GRC platform.
- Work with IT and business stakeholders to mitigate risks and create risk remediation plans
- Application and vendor risk assessment due diligence
- Evaluate alignment with the MITRE ATT&CK framework
- Assess IT risks through mergers and acquisitions and recommend mitigation strategies
Sales & Customer Trust and Enablement
- Respond promptly to Sales Team and Customer Security inquiries
- Leverage customer relationship skills to build enable trust
- Leverage CAIQs, Ombud information repository, and other document collateral to complete security related inquiries from customers and internal sales teams.
- Development and improvement of Security based collateral, including Data Sheets, White Papers, CAIQ development, etc.
- Engage with internal and external customers to communicate the security posture of Blackbaud and Blackbaud products. Leverage Security posture as a sales differentiator in conversations.
- Assist with Customer escalation and security related call requests for questions related to the Blackbaud Information Security posture.
Who We Are Looking For
- Degree in Computer Information Systems, Computer Science, Information Systems Management, or equivalent professional experience
- 4+ years of progressively responsible experience in the management of information systems with at least 2 years of formal experience in information security.
- Experience with:
- Security Technologies / Methodologies
- IT Audit/Risk Management
- Customer Engagement
- Cloud Security Alliance/ STAR Registry/ Consensus Assessment Initiative Questionnaires
- Information Security Metrics and Reporting
- Cyber Security Frameworks and regulations such as NIST CSF, ISO27001, PCI DSS, SOC, etc.
Our Most Popular Cyber Security Training Courses
- Google Cloud Security
- Google Cloud Networking
- Introduction to Cybersecurity Tools & Cyber Attacks
- Linux Security
- Cyber Security 10 Domains
- IBM Fundamentals
- AWS Cloud Native
- Certification in information security disciplines such as: GIAC – GSEC, GCED, GLEG, GSLC, GISP, GCCC, GAWN, GSTRT, GISF, GSNA, and/or CISA, CISM, CRISC
Stay up to date on everything Blackbaud, follow us on Linkedin , Twitter , Instagram , Facebook and YouTube
Blackbaud is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.
To all recruitment agencies: We do not accept unsolicited agency resumes and are not responsible for any fees related to unsolicited resumes.