Senior Analyst, Cybersecurity/IT Control Design and Monitoring

Senior Analyst, Cybersecurity/IT Control Design and Monitoring (First Line)

Position Summary

Do you want to be part of a collaborative team? Are you a problem solver who enjoys diving into security risk, translating complex technical concepts for business partners, and driving meaningful risk reduction across the enterprise?

As a Senior Analyst, Cybersecurity/IT Control Design and Monitoring, you will help ensure controls are designed and monitored in alignment with policies. You will partner across Cybersecurity, Technology, Risk Management, and Internal Audit to design controls, evaluate control performance through data-driven assurance, and drive timely remediation of control gaps.

In partnership with 2nd line and control owners, this role helps to manage risk exposure and maintain alignment with policies and internal standards.

• Passionate about cybersecurity, control design and IT control and risk management
• Detail and analytically oriented
• Flexible and resourceful in managing multiple priorities
• Able to effectively collaborate within your own team and across the organization

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Technology Risk Management, or a related field (or equivalent experience)
• 3+ years of experience in cybersecurity, architecture, IT risk, or technology audit
• Experience designing controls to address risks, identifying residual risks, and executing control assurance procedures (design and operating effectiveness)
• Strong understanding of control frameworks and regulatory expectations (e.g., NIST CSF/800-53, MAR, COBIT, SOC 2, NYDFS, etc.)
• Experience working with public cloud platforms (AWS, Azure, GCP) and validating control evidence (e.g., IAM, logging, encryption, configuration baselines)
• Relevant certifications (e.g., CISSP, CISA, CRISC, Security+, CCSP) or demonstrated progress toward one

Security/Technology Control Design

• Engage in new projects (Tech Governance process) to ensure the appropriate controls are designed and implemented to meet policies, including as appropriate those related to Key Financial Systems (KFS)
• Partner with internal audit Model Audit Rule team and risk team to ensure controls designs are appropriate
• Perform initial validation of designed controls to ensure they are operating effectively prior to go-live

Cyber Control Monitoring & Self-Assessment

• Contribute to the implementation and day-to-day operations of the first line information security continuous control monitoring program
• Partner with control owners to validate control performance, investigate exceptions, and document root cause and corrective actions
• In partnership with 2nd line, maintain a control inventory and control-to-evidence mapping aligned to internal policy and external frameworks; ensure controls have clear owners, descriptions, and measurable success criteria
• Identify coverage gaps, control weaknesses, and emerging risks through ongoing monitoring, and drive changes to the 1st line monitoring program based on findings
• Develop and maintain control test procedures (what is tested, data sources, sampling/coverage, frequency, and pass/fail criteria) and ensure results are reproducible and audit-ready

Risk Remediation

• Assist D&T control owners in designing remediation plans that address root-cause correction, appropriate compensating controls, and achieve measurable risk reduction
• Validate effectiveness of remediation actions identified through the 1st line monitoring program, confirm resolution and adequacy to prevent recurrence

• As our Senior Analyst, Cybersecurity/IT Control Design and Monitoring, you will report to our Head of Cybersecurity Governance.

Location

• Three days a week at our Guardian office in New York, NY or Bethlehem, PA

Salary Range:

The salary range reflected above is a good faith estimate of base pay for the primary location of the position. The salary for this position ultimately will be determined based on the education, experience, knowledge, and abilities of the successful candidate. In addition to salary, this role may also be eligible for annual, sales, or other incentive compensation.

Our Promise

At Guardian, you’ll have the support and flexibility to achieve your professional and personal goals.  Through skill-building, leadership development and philanthropic opportunities, we provide opportunities to build communities and grow your career, surrounded by diverse colleagues with high ethical standards.

Inspire Well-Being

As part of Guardian’s Purpose – to inspire well-being – we are committed to offering contemporary, supportive, flexible, and inclusive benefits and resources to our colleagues. Explore our company benefits at www.guardianlife.com/careers/corporate/benefits. Benefits apply to full-time eligible employees. Interns are not eligible for most Company benefits.

Equal Employment Opportunity

Guardian is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, race, color, creed, religion, sex, affectional or sexual orientation, national origin, ancestry, marital status, disability, military or veteran status, or any other classification protected by applicable law.

Accommodations

Guardian is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. Guardian also provides reasonable accommodations to qualified job applicants (and employees) to accommodate the individual's known limitations related to pregnancy, childbirth, or related medical conditions, unless doing so would create an undue hardship. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact [email protected]. Please note: this resource is for accommodation requests only. For all other inquires related to your application and careers at Guardian, refer to the Guardian Careers site.

Visa Sponsorship

Guardian is not currently or in the foreseeable future sponsoring employment visas. In order to be a successful applicant. you must be legally authorized to work in the United States, without the need for employer sponsorship.

Notice Regarding Guardian’s Use of Artificial Intelligence in Recruitment

As part of Guardian’s job application process, Guardian may use artificial intelligence tools (“AI Tools") to automate the sorting and filtering of information provided by applicants as part of its preliminary screening. This preliminary screening may be used to help identify applicant materials and resumes relative to their indication that the applicant meets the requirements for the specific job for which they are applying, as specified in the listing posted on Guardian’s jobs website (Careers at Guardian at https://www.guardianlife.com/careers). At Guardian, we do not use AI Tools to substantially assist or replace human judgment or discretionary decision making in our hiring process. All hiring decisions will be made by Guardian colleagues.

Please be aware that if you apply for a specific position with Guardian, you will have the choice of opting out of Guardian’s use of AI Tools during the job application process. If you would like to request an alternative process that does not utilize AI Tools or would like to request a reasonable accommodation, within ten business days of your position application, you must email your request to [email protected], making sure to provide your name and job requisition identification number. Guardian will retain your applicant materials and resume and all information therefrom in accordance with Guardian’s document retention policy, a copy of which you may request via [email protected].

Additionally, at applicable times, Guardian will make public the most recent bias audit results for such AI tools, which may be found here. 

Current Guardian Colleagues: Please apply through the internal Jobs Hub in Workday.