Business Analyst - Cybersecurity (Remote Option)

COMPANY 

AccuWeather, recognized and documented as the most accurate source of weather forecasts and warnings in the world, has saved tens of thousands of lives, prevented hundreds of thousands of injuries and tens of billions of dollars in property damage. With global headquarters in State College, Pennsylvania; a severe weather center in Wichita, Kansas; and offices in New York City and elsewhere around the world, AccuWeather serves more than 1.5 billion people daily to help them plan their activities and get more out of their day through innovative digital media properties, such as AccuWeather.com and mobile, as well as AccuWeather For Business (AFB), radio, television, newspapers, digital out of home, the 24/7 AccuWeather Network channel and AccuWeather NOW streaming service. Additionally, AccuWeather produces and distributes news, weather content, and video for more than 180,000 third-party websites.

AccuWeather's innovation-first promise has led to the development of many award-winning and propriety features that are available free to the public, including AccuWeather MinuteCast® Minute by Minute™ forecasts with Superior Accuracy ™, the exclusive AccuWeather RealFeel® Temperature, and AccuWeather RealImpact™ Scale for Hurricanes, among many other revolutionary products for the greater safety, convenience and comfort of our users. Further, AccuWeather serves more than half of the Fortune 500 and thousands of other businesses in the U.S. and globally.

Dr. Joel N. Myers, Founder and Chief Executive Officer, established AccuWeather in 1962 and is considered the “father of modern commercial meteorology.” Dr. Myers, a leading creative thinker and visionary, has been named “the most accurate man in weather” by The New York Times and one of the top entrepreneurs in American history by Entrepreneur’s Encyclopedia of Entrepreneurs.

SUMMARY 

The Business Analyst – Cybersecurity role is a core component of the end-to-end security transformation program. This role blends deep technical cybersecurity knowledge and implementation with an understanding of business operational needs and requirements. We are looking for someone who can interpret all areas of security policy and standards into practical processes that support business initiatives, regulatory, and compliance needs. You will also provide outcomes that seamlessly integrate continuous vulnerability monitoring into all threat and security business risk management activities. Business strategic goals can change, as do technologies and security vulnerabilities and requirements. Due to that, the Cybersecurity Business Analyst needs to remain current, flexible in approach, and innovative in solution design and thinking. 

Remote candidates are being considered for this exciting mid-level opportunity.

RESPONSIBILITIES 

Governance and Assurance 

• Ensure that the security governance framework is enabled and can adequately support security implementation, assurance, solution delivery, metric collation and reporting across all areas of the business.
• Oversee the management of cybersecurity governance assurance activities that support implementation and compliance to security policies, processes and standards.
• Responsible for ensuring that the enterprise risk management log adequately addresses all risks that impact the business. This includes ensuring that proposed mitigation plans address any gap analysis reports.  Oversight, advice and guidance for the management of residual and hidden risks is an important component of this role. 
• Support a cybersecurity culture in all business operations working across the business (Project Management, Change Management processes and Vendor Management).
• Manages solutions and processes that will increase security maturity, security posture and ensures continuous management and optimization across the business.

Communication and Culture 

• Maintain a cybersecurity culture and presence across all areas of the business. 
• Ensure that the reporting of complex cybersecurity concepts is delivered at appropriate levels of understanding for all areas of the business.
• Oversee and verify the accuracy of cybersecurity principles that are being delivered for required action across the business.
• Proactively monitor cybersecurity outcomes to provide a business view of potential impacts.
• Create and present security performance reporting against governance frameworks and risk appetite.

Cyber Security Profile Management 

• Help manage and deliver the strategic roadmap that defines the cybersecurity strategic goals.
• Support and provide technical advice and guidance across the business on ways to embed cybersecurity governance into ways of working. 
• Contribute to activities that require review and then recommend cybersecurity toolsets and solutions that are responsible for protecting all areas of business operations.
• Responsible for the maintenance and delivery of the security programs and activities that support the delivery of awareness and training as well as agreed solutions for business continuity and disaster preparedness. 
• Uphold all budgetary requirements and effective management of the business cybersecurity requirements.
• Identify and support the release of financial efficiencies as outcomes from increasing security maturity and cybersecurity posture.

QUALIFICATIONS:

• Bachelor’s degree and a minimum of 7 years of experience in IT with process design and implementation.
• Experience in presenting complex technical concepts for diverse security awareness audiences.
• Ability to respond to challenges on both security risk and technical concepts.
• Experience with business operational processes as they relate to functional Lines of Business across the organization.
• Experienced in understanding the design, development and installation of cybersecurity tooling.
• Ability to work independently with minimal oversight to deliver on agreed objectives.
• Ability to be innovative in the support of cyber-related risk mitigation or management solutions.
• Ability to understand and oversee the design, building and delivery of cloud-related solutions.
• Accurately understand and support activities that manage and support legacy environments, including migration planning activities.
• MS Windows and server administration experience.
• Highly confident knowledge of technical infrastructure, networks, databases and systems as they relate to Cybersecurity and IT risk.
• Experienced in technical support for embedding security into activities and methods of task completion (phishing, awareness, training campaigns).
• Certified Information Systems Security Professional (CISSP) 
• While we are considering remote candidates, in the United States, AccuWeather is only able to hire team members in the following states due to taxation purposes: CA, CO, CT, DE, DC, FL, GA, IL, IN, KS, KY, MD, MN, MO, NE, NV, NJ, NY, NC, OH, OK, PA, SC, SD, TN, TX, VA, WA, WI and WY.
  
  

AccuWeather is proud to be an Equal Opportunity/Affirmative Action Employer. We are committed to equal employment opportunity to all applicants and existing employees and we evaluate qualified applicants without regard to race, creed, color, national origin, sex (including pregnancy and gender identity/expression), sexual orientation, age, ancestry, physical or mental disability, marital status, political affiliation, religion, citizenship status, genetic information, veteran status, or any other basis protected under applicable federal, state, or local law. View the EEO is the Law poster here and its supplement here. The pay transparency policy is available here. 

AccuWeather is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to human.resources@accuweather.com and let us know the nature of your request and your contact information.