Sr. Information Security Governance Analyst- Bridgewater, NJ or Morrisville, NC (Hybrid)

About the position The Senior Information Security Governance Analyst plays a vital role in strengthening the organization's security posture by managing the cybersecurity policy governance framework, driving the effectiveness of governance initiatives and company-wide security awareness. The role is responsible for developing, maintaining, and aligning security policy documents with standards such as ISO/IEC 27001, demonstrating Syneos Health's cybersecurity resilience during audits, and partnering for a robust security awareness program. The ideal candidate will combine knowledge of cybersecurity governance with effective communication skills to clearly articulate security governance initiatives, engage stakeholders, and foster a culture of security throughout the organization.

Responsibilities

• Develop, implement, and maintain a comprehensive cybersecurity governance framework to ensure compliance with industry standards and align with the organization's security and risk management objectives.
• Develop, publish, and maintain cybersecurity Policies, Standards, Guidelines, and SOPs that are practical, enforceable, and aligned with leading practices.
• Lead multiple cybersecurity governance initiatives concurrently, ensuring alignment with objectives, and timelines and delivering expected outcomes.
• Collaborate with cross-functional teams and internal stakeholders to ensure cybersecurity policies, standards, and procedures comply with relevant local and global laws, regulations, and industry standards.
• Monitor policy adherence across the organization and address non-compliance issues promptly.
• Manage and collaborate to execute cybersecurity awareness campaigns to educate employees about potential threats and promote a culture of cybersecurity in the organization.
• Provide guidance and support to business units on cybersecurity governance matters, including security awareness training.
• Measure the effectiveness of awareness campaigns and continuously improve engagement through innovative communication strategies.
• Coordinate and support internal and external cybersecurity audits and assessments, ensuring compliance with established controls and best practices, and accurate and timely responses to audit findings and recommendations.
• Maintain the strategy to support customer audits and update a centralized repository of security documentation, assessments, audit reports, and standard responses to streamline customer engagements.
• Develop and deliver accurate, comprehensive responses to customer RFIs, RFQs, and RFPs related to cybersecurity and data protection.
• Liaise with internal and external auditors and regulatory bodies to facilitate audits and ensure successful outcomes.
• Coordinate audit responses and address findings or recommendations in a timely and effective manner to improve and meet customer satisfaction.

Requirements

• Bachelor's degree in computer science, Information Security, Marketing, Communication or a related field.
• Minimum 5 years' experience in cybersecurity governance, with a proven track record of successfully managing complex projects and initiatives.
• Knowledge in developing and governing cybersecurity policy frameworks.
• Good understanding of cybersecurity principles, practices, and technologies, with previous experience in cybersecurity governance desirable.
• Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and communicate complex cybersecurity concepts to non-technical stakeholders.
• Strong analytical and problem-solving skills, with the ability to assess risks and develop effective mitigation strategies.
• Knowledge of cybersecurity frameworks and standards such as HIPAA, GDPR, NIST, ISO 27001, HITRUST, and FDA regulations.
• Ability to work independently as well as collaboratively in a team environment, prioritize tasks, and manage time effectively.

Nice-to-haves

• Relevant certifications such as PMP, CRISC, and CISA are desirable.

Benefits

• Health benefits to include Medical, Dental and Vision
• Company match 401k
• Eligibility to participate in Employee Stock Purchase Plan
• Eligibility to earn commissions/bonus based on company and individual performance
• Flexible paid time off (PTO) and sick time

Apply tot his job Apply To this Job