Analyst IT Governance

Are you looking to Optimize your life? Start your exciting path to a rewarding career today!

We are Optimum, a leader in the fast-paced world of connectivity, and we're on the hunt for enthusiastic professionals to join our team! We understand that connectivity isn't just a luxury anymore – it's a necessity that empowers lives, fuels businesses, and drives innovation. A career at Optimum means you'll be enabling progress and enhancing lives by providing reliable, high-speed connectivity solutions that keep the world connected. We owe our success to our amazing product, commitment to our people and the connections we make in every community.

If you are resourceful, collaborative, team-oriented and passionate about delivering consistent excellence, Optimum is the Company for you!

We are Optimum!

The IT Governance Analyst plays a valued role in ensuring that IT infrastructure, operations and administrative practices align with organizational security program objectives, regulatory mandates, and recognized security governance frameworks. This position is ideal for a technically proficient professional with a solid foundation in Cybersecurity and a passion for improving compliance, risk management, and audit readiness. This role acts as a key bridge between security experts, technical teams (e.g., Systems, Network, Applications and Cloud Administrators) and Governance/Risk/Compliance (GRC) programs, driving continuous improvement, policy adherence, and operational excellence. The analyst must possess effective communication and process management skills and subject matter expertise.

Work as a contributing member of the Security Governance, Risk and Compliance team by performing daily activities to ensure internal controls, standards, policies, and standards are in place, up to date, and adhered to for infrastructure and information assets. Security Governance activities may include developing and maintaining the information security program based on the NIST CSF security framework; governing the security risk & vulnerability management program; conducting Third Party Risk Assessments; updating security policies, standards, and controls; and supporting the security awareness program for continuous security education.

Responsibilities:

Security Governance and Compliance

• Assist in building a security-focused culture through partnership and collaboration with business, cybersecurity, and other risk-related teams to deliver value and improve the security posture of Optimum.
• Assist with development and implementation of Security Governance, Risk, and Compliance frameworks, policies, and standards aligned with regulatory and business requirements.
• Maintain IT Security Governance, Risk, and Compliance Documentation. Identify areas requiring additional review, based on knowledge of systems, processes and general computing controls.
• Function as a liaison and IT Security Governance and Compliance expert.
• Participates in special projects and performs other duties as assigned.

Risk Management

• Support and advocate for the company’s Security Governance, Risk, and Compliance program, engage with stakeholders, support the identification of security risks, risk controls, and risk remediation.
• Participate in technical design, process reviews, and support stakeholders in risk identification. Document critical controls applied to mitigate risk.
• Accurately evaluate and document Risks to include on the Risk Register.
• Collaborate with business and technical stakeholders on risk remediation and mitigation activities, including tracking and assurance of progress of remediation action plans across compliance, policy, and process gap remediation activities and risk mitigation activities in partnership with internal business organizations.
• Support the Third-Party Risk Management Program with assessments and monitoring.

Audit & Reporting

• Manage dashboards that deliver practical, meaningful security governance risk metrics and KPIs to internal and external stakeholders.
• Produce necessary cybersecurity reporting for the Compliance Committee, CISO leadership and key stakeholders. This includes but is not limited to programs for risk and vulnerability management; internal audits; security incident management; and security awareness/ education.
• Provide support to peers and business partners for compliance programs, and other external and internal audits.

Qualifications/ Requirements:

·         2-4 years’ experience in Security Governance, Risk / Vulnerability Management, Compliance, or related functions.

·         Strong understanding of security frameworks such as NIST CSF; ISO 27001, 27002, 27005, 31000; PCI-DSS.

·         Bachelor’s degree, at minimum.  Preferred in Cybersecurity, Computer Science, Information Systems, or related field.

·         Solid understanding of IT Systems, Network Security Concepts, Cloud Security concepts, Virtualization, Threat and Vulnerability Management, and Secure Code Development.

·         Ability to articulate and demonstrate a risk-relevant approach for Information Security Risk Management.

·         Strong analytical, risk-based problem solving and critical thinking skills and the ability to support decisions that balance Information security while also enabling business objectives.

·         Excellent written and verbal communication skills; ability to convey security concepts to non-technical and technical audiences (e.g., internal customers, legal, executive management,).

·         Ongoing familiarity with emerging and prevalent technologies and IT systems

·         Strong work ethic with a flexible and adaptable approach

·         Initiative-taking and able to work independently and as part of a team.

·         Highly organized, with project management skills

·         Knowledge of MS Excel, MS Power Point, JIRA, SharePoint, and Confluence

·         Related Industry certifications are a plus.  EG: CISA, CRISC, CISSP, CBRITP, CBCP, CompTIA Security+, ITIL.

·         Direct experience supporting internal/external audits, evidence collection, and control documentation is a plus.

At Optimum, we're fueled by our four core pillars: Taking Ownership, Upholding Transparency, Creating Community, and Demonstrating Expertise. Our commitment to empowering employees to take responsibility and embrace proactive problem-solving underpins Taking Ownership. Upholding Transparency is at the core of our culture, with open and honest communication fostering trust among our dedicated team and loyal customers. Creating Community is more than a goal; it's our daily commitment to fostering an environment of collaboration, innovation, and positivity. Demonstrating expertise is a promise we uphold through continuous learning and engagement with our customers to consistently deliver top-quality products and services. These pillars not only shape our culture but define Optimum as a place of excellence, trustworthiness, and thriving community, and we invite you to be a part of our journey.

If you have the drive to succeed and are ready to embark on a thrilling career, seize this opportunity today, and join our winning team, so together, we'll shape the future of connectivity. 

All job descriptions and required skills, qualifications and responsibilities for a particular position are subject to modification by the Company from time to time, in the Company’s discretion based on business necessity.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, national origin, religion, age, disability, sex, sexual orientation, gender identity or protected veteran status, or any other basis protected by applicable federal, state, or local law. The Company provides reasonable accommodations upon request in accordance with applicable requirements.

Optimum collects personal information about its applicants for employment that may include personal identifiers, professional or employment related information, photos, education information and/or protected classifications under federal and state law. This information is collected for employment purposes, including identification, work authorization, FCRA-compliant background screening, human resource administration and compliance with federal, state, and local law. 

Applicants for employment with the Company will never be asked to provide money (even if reimbursable) as part of the job application or hiring process. Please review our Fraud FAQ for further details.

This position is identified as being performed in/or reporting to company operations in New York State. Salary ranges are supplied in compliance with New York State law. Pay is competitive and based on a number of job-related factors, including skills and experience. The starting pay rate/range at time of hire for this position in the posted location is $77,112.00 - $126,684.00 / year. The rate/range provided herein is the anticipated pay at the time of hire, and does not reflect future job opportunity.