Analyste principal(e) - Contrôles et indicateurs de cybersécurité | Cybersecurity Controls & Metrics
NTT Data
Req ID: 381849
NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.
We are currently seeking a Analyste principal(e) - Contrôles et indicateurs de cybersécurité | Cybersecurity Controls & Metrics to join our team in Montreal, Quebec (CA-QC), Canada (CA).
Analyste principal(e) – Contrôles et indicateurs de cybersécurité
Sommaire du poste
Nous recherchons un(e) Analyste principal(e) – Contrôles et indicateurs de cybersécurité expérimenté(e) pour contribuer à la définition, à la mesure et à l'amélioration de l'efficacité des contrôles technologiques et de cybersécurité à l'échelle de l'entreprise.
Dans ce rôle, vous collaborerez avec les équipes de cybersécurité, des technologies, de la gouvernance et des données afin de développer des indicateurs de contrôle pertinents, de mettre en place des cadres de production de rapports et de veiller à ce que les contrôles de cybersécurité soient mesurables, efficaces et conformes aux politiques organisationnelles.
Le ou la candidat(e) idéal(e) possède une solide expertise en cybersécurité, d'excellentes capacités analytiques et une expérience dans la définition d'indicateurs clés de contrôle (KCI), de mesures de performance et de rapports soutenant les initiatives de gouvernance, de gestion des risques et de conformité.
Principales responsabilités
- Définir et documenter les indicateurs des contrôles technologiques et de cybersécurité, les méthodologies de mesure ainsi que les exigences en matière de production de rapports.
- Collaborer avec les responsables des contrôles et les parties prenantes de l'entreprise afin de comprendre les objectifs des contrôles et de les traduire en indicateurs clés de contrôle (KCI) et en mesures de performance mesurables.
- Travailler en partenariat avec les équipes des politiques technologiques et de la gouvernance afin d'intégrer les exigences de mesure dans la conception et la mise à jour des politiques.
- Collaborer étroitement avec les équipes d'ingénierie des données et des outils afin d'automatiser la collecte, le calcul et la production des indicateurs de contrôle.
- Concevoir et améliorer des tableaux de bord et des cadres de rapports fournissant des renseignements pertinents sur l'efficacité des contrôles et les risques opérationnels.
- Analyser les données afin d'identifier les tendances, les écarts et les occasions d'amélioration continue.
- Veiller à l'exactitude, à la cohérence et à l'alignement des indicateurs avec les exigences de gouvernance et de conformité de l'entreprise.
- Soutenir l'évolution continue des capacités de mesure de la cybersécurité, des processus de production de rapports et des normes de gouvernance.
- Établir et maintenir de solides relations avec les intervenants des équipes de cybersécurité, des technologies, de la gestion des risques et de la conformité.
Qualifications requises
- Baccalauréat ou combinaison équivalente de formation et d'expérience professionnelle.
- Au moins cinq (5) ans d'expérience en sécurité de l'information, cybersécurité, technologies de l'information ou dans un domaine connexe.
- Au moins deux (2) ans d'expérience pratique dans la mise en œuvre ou le soutien de contrôles technologiques ou de cybersécurité.
- Expérience dans la définition de mesures de cybersécurité, d'indicateurs clés de contrôle (KCI), d'indicateurs clés de risque (KRI) ou d'indicateurs de performance opérationnelle.
- Excellentes aptitudes analytiques et capacité à interpréter les données et à formuler des recommandations concrètes.
- Expérience de collaboration avec des équipes multidisciplinaires et aptitude à traduire les besoins d'affaires en résultats mesurables.
- Excellentes habiletés en communication orale et écrite.
- Solides compétences en organisation, en résolution de problèmes et en gestion des parties prenantes.
- Capacité à gérer plusieurs priorités dans un environnement dynamique et en constante évolution.
Qualifications privilégiées
- Expérience des programmes de gouvernance, de gestion des risques et de conformité (GRC) en cybersécurité.
- Connaissance des cadres de contrôle technologique et de cybersécurité utilisés en entreprise.
- Expérience des contrôles de sécurité infonuagique dans des environnements de nuage public (Microsoft Azure, Amazon Web Services [AWS] ou Google Cloud Platform [GCP]).
- Connaissance des domaines de sécurité suivants :
- Gestion des identités et des accès (IAM)
- Protection des données
- Sécurité des réseaux
- Sécurité des applications
- Sécurité des postes de travail (Endpoint Security)
- Sécurité des infrastructures
- Connaissance des processus de journalisation de sécurité, de surveillance, de détection des menaces et de réponse aux incidents.
- Expérience des outils de production de rapports de sécurité, de tableaux de bord, d'intelligence d'affaires ou de visualisation de données.
- Des certifications professionnelles telles que CISSP, CISM, Security+, CRISC, CGRC ou l'équivalent constituent un atout.
Compétences recherchées
- Contrôles de cybersécurité
- Gestion des risques technologiques
- Gouvernance, gestion des risques et conformité (GRC)
- Mesure de l'efficacité des contrôles
- Indicateurs clés de contrôle (KCI)
- Indicateurs clés de risque (KRI)
- Indicateurs de cybersécurité et production de rapports
- Analyse de données
- Développement de tableaux de bord
- Gestion des parties prenantes
- Amélioration continue des processus
- Sécurité infonuagique (Azure, AWS, GCP)
Pourquoi vous joindre à nous?
En tant que membre de notre équipe de cybersécurité, vous jouerez un rôle essentiel dans le renforcement de la sécurité de l'entreprise en développant des indicateurs significatifs qui favorisent une meilleure gestion des risques et une prise de décision éclairée.
Vous collaborerez avec des leaders en cybersécurité, en technologies et dans les secteurs d'affaires tout en contribuant à l'évolution des pratiques de gouvernance de la cybersécurité et des initiatives d'amélioration continue de l'organisation.
___________________________________________________________________________________________________________________________________________________________________________
Cybersecurity Controls & Metrics Analyst
Position Summary
We are seeking an experienced Cybersecurity Controls & Metrics Analyst to help define, measure, and enhance technology and cybersecurity control effectiveness across the enterprise. In this role, you will collaborate with security, technology, governance, and data teams to develop meaningful control metrics, establish reporting frameworks, and ensure cybersecurity controls are measurable, effective, and aligned with organizational policies.
The ideal candidate combines strong cybersecurity knowledge with analytical skills and experience developing key control indicators (KCIs), metrics, and reporting that support governance, risk management, and compliance initiatives.
Key Responsibilities
- Define and document cybersecurity and technology control metrics, measurement methodologies, and reporting requirements.
- Partner with control owners and business stakeholders to understand control objectives and translate them into measurable Key Control Indicators (KCIs) and performance metrics.
- Collaborate with Technology Policy and Governance teams to ensure measurement requirements are incorporated into policy design and updates.
- Work closely with data engineering and tooling teams to automate the collection, calculation, and reporting of control metrics.
- Design and improve dashboards and reporting frameworks that provide meaningful insights into control effectiveness and operational risk.
- Analyze data to identify trends, gaps, and opportunities for continuous improvement.
- Ensure metrics are accurate, consistent, and aligned with enterprise governance and compliance requirements.
- Support ongoing enhancements to cybersecurity measurement capabilities, reporting processes, and governance standards.
- Build strong relationships with cross-functional stakeholders across Security, Technology, Risk, and Compliance teams.
Required Qualifications
- Bachelor's degree or equivalent professional experience.
- 5+ years of experience in Information Security, Cybersecurity, Information Technology, or a related field.
- 2+ years of hands-on experience implementing or supporting cybersecurity or technology controls.
- Experience defining cybersecurity metrics, Key Control Indicators (KCIs), Key Risk Indicators (KRIs), or operational performance metrics.
- Strong analytical skills with the ability to interpret data and communicate actionable insights.
- Experience collaborating with cross-functional stakeholders and translating business requirements into measurable outcomes.
- Excellent written and verbal communication skills.
- Strong organizational, problem-solving, and stakeholder management skills.
- Ability to manage multiple priorities in a fast-paced environment.
Preferred Qualifications
- Experience with cybersecurity governance, risk, and compliance (GRC) programs.
- Knowledge of enterprise technology and cybersecurity control frameworks.
- Experience working with cloud security controls in public cloud environments (Azure, AWS, or Google Cloud).
- Familiarity with security domains including:
- Identity & Access Management (IAM)
- Data Protection
- Network Security
- Application Security
- Endpoint Security
- Infrastructure Security
- Knowledge of security logging, monitoring, threat detection, and incident response processes.
- Experience with security reporting, dashboards, business intelligence, or data visualization tools.
- Professional certifications such as CISSP, CISM, Security+, CRISC, CGRC, or similar are preferred.
Preferred Skills
- Cybersecurity Controls
- Technology Risk
- Governance, Risk & Compliance (GRC)
- Control Effectiveness Measurement
- Key Control Indicators (KCIs)
- Key Risk Indicators (KRIs)
- Security Metrics & Reporting
- Data Analysis
- Dashboard Development
- Stakeholder Management
- Process Improvement
- Public Cloud Security (Azure, AWS, GCP)
Why Join Us?
As a member of our cybersecurity team, you'll play a key role in strengthening enterprise security by developing meaningful metrics that drive better risk management and decision-making. You'll collaborate with security, technology, and business leaders while helping shape the organization's cybersecurity governance and continuous improvement initiatives.
Pay Transparency
Where required by law, NTT DATA provides a reasonable range of compensation for specific roles. The starting pay range for this remote role is $74720 - $112,080. This range reflects the minimum and maximum target compensation for the position across all US locations. Actual compensation will depend on a number of factors, including the candidate’s actual work location, relevant experience, technical skills, and other qualifications.
This position is eligible for company benefits including medical, dental, and vision insurance with an employer contribution, flexible spending or health savings account, life and AD&D insurance, short- and long-term disability coverage, paid time off, employee assistance, participation in a 401k program with company match, and additional voluntary or legally-required benefits.
About NTT DATA
NTT DATA is a $30+ billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world’s leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. Our consulting and industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is part of NTT Group, which invests over $3 billion each year in R&D.
Whenever possible, we hire locally to NTT DATA offices or client sites. This ensures we can provide timely and effective support tailored to each client’s needs. While many positions offer remote or hybrid work options, these arrangements are subject to change based on client requirements. For employees near an NTT DATA office or client site, in-office attendance may be required for meetings or events, depending on business needs. At NTT DATA, we are committed to staying flexible and meeting the evolving needs of both our clients and employees. NTT DATA recruiters will never ask for payment or banking information and will only use @nttdata.com and @talent.nttdataservices.com email addresses. If you are requested to provide payment or disclose banking information, please submit a contact us form, .
NTT DATA endeavors to make accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at . This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here . If you'd like more information on your EEO rights under the law, please click here . For Pay Transparency information, please click here .
#LI-NorthAmerica
$82.65k - $101.01k
Type de poste:PermanentÀ la recherche d’une carrière épanouissante... ...réellement votre vie et celle des autres? Vous êtes au... ...aujourd’hui.Nous recherchons un analyste principal ou une analyste principale, S... ...de sécurité, de gérer le contrôle des accès et d’appuyer les activit...PrincipalFlexible hoursDay shift$91.8k - $137.6k
...& Digital Office (CIDO) is seeking a Cybersecurity Analyst / Principal Cybersecurity Analyst to support its... ...monitoring activities, covering all security controls, configurations, and operational... ...Security Test and Evaluation (ST&E) required by each government accrediting...PrincipalFull timeWork at officeLocal areaRelocationFlexible hoursShift work$112.5k - $147.5k
...is looking for an experienced Senior Analyst, IT Internal Controls & SOX Compliance to join the Internal... ...access management, SDLC processes, and cybersecurity controls. Experience with ERP... ...Additionally, Circle participates in the E-Verify Program in certain locations,...SuggestedFlexible hours$95k - $105k
...Will Do GFT is looking for a Cybersecurity Analyst to join our Safety and... ...gathering, and tracking security metrics, developing scorecards for the... ...risk and implement/validate controls. Basic understanding of IC S... ...related certifications (e.g., Security+, CISSP, CISM,...SuggestedFull timeLocal areaRemote work$96.2k - $144.2k
...Secret. Travel: Yes, 10% of the time. Responsibilities This Program Control Analyst position will interface with program managers, functional... ...assisting with the preparation and submission of monthly CDRLs (e.g., IPMR). The role also supports variance‑analysis reports, facilitates...PrincipalWork at officeImmediate startRelocation packageShift work$125k
...Senior Information Security Analyst to spearhead the... ...frameworks such as NIST Cybersecurity Framework (CSF) to create... ...industry standards (e.g., ISO 27001, NIST, GDPR... ...security requirements. Access Control and Identity Management... ...Develop risk KPIs and metrics. Documentation and...Work at officeImmediate startNight shift$117.5k - $176.3k
...and its global allies. What You’ll Get To Do The Senior Principal Program Cost Control Analyst (PCA) will help lead Program Control initiatives across... ...control system. This will include performing Earned Value Metric (EVM) tasks such as Work Breakdown Structure (WBS)...PrincipalContract workRelocation packageShift work$117.5k - $176.3k
...Northrop Grumman Defense Systems (NGDS) Sector is seeking a Principal Program Cost Control Analyst (level 3) or Sr Program Cost Control Analyst (Level 4)... ...Accurately forecast program financial metrics including Orders, Sales, OM and Cash Flow for both booked...PrincipalContract workWork at officeRemote workRelocation packageShift work$84.53k
...Overview Project Controls Analyst Senior, Principal . Under minimal direction, the principal level position serves as a technical leader and subject matter expert for project controls on large, complex transportation capital projects within OCTA’s Capital Programs Division...PrincipalFor contractors$6,492 per month
...Information Security Analyst to join the Information... ...improve endpoint security controls across university... ...and automation tools (e.g., scripting, device... ...Working knowledge of common cybersecurity frameworks and... ...ability to report on metrics and communicate findings...Full timeContract workWork at office- ...a talented Senior QA Analyst to join our AI & Threat... ...Security is transforming cybersecurity for organizations... ...behavior Analyze logs, metrics, and model outputs to... ...participant in the U.S. Federal E-Verify program. We... ...and location, the Controller of personal data (the...Temporary workRemote work
$112k - $134k
...is seeking a Cyber Security Analyst for an onsite position at Edwards... ...implementation of security controls and measures, such as... ...or 5 years of experience in a cybersecurity role. Experience in security... ...security tools and technologies (e.g., SIEM, IDS/IPS, firewalls,...Work experience placementImmediate start- ...skilled and experienced Principal Information... ...experience leading cybersecurity incident response... ...recalling malicious e‑mails; contact... ...to ensure security controls, infrastructure and... ...standards. Support metrics reporting on... ...Certified Intrusion Analyst (GCIA), GIAC Certified...PrincipalWork at officeLocal area
$110k - $140k
...Cybersecurity Analyst About the Role We are hiring a Cybersecurity Analyst to own the day‑to‑day security... ..., secure web access, application control, and identity management. You establish... ...as defined by 8 U.S.C. 1324b(a)(3) (i.e., individual admitted to the U.S. as a...Permanent employmentImmediate start- .... Title: Cyber Security Analyst Location: Irvine, CA... ...lake architecture and services (e.g., S3, Glue, Lake Formation).... ...with information security metrics and reporting frameworks. •... ...with CI/CD pipelines and version control (e.g., Git). ,Roles &...Full timeImmediate startRelocation
- ...Title: Cyber Security Analyst Location: Remote (U.S., New... ...manage and measure security metrics and compliance requirements.... ...7001, CMMC, GDPR, and HIPAA controls into actionable items for clients... ...in a Technology or Cybersecurity field OR 4+ years of direct...Work experience placementSummer workRemote work
$181.8k - $202k
...organizations defend against cybersecurity threats with... ...a Leader by multiple analyst firms and have been globally... ...specific ramp curves (e.g., longer Enterprise... ...mastery of SaaS GTM metrics: bookings, ACV, ARR, attainment... ...are among the largest controllable investments Cohesity...Full timeWork at office2 days per week3 days per week$102.17k
...Team as a Senior Cyber Security Analyst, where you will operate at the intersection of cybersecurity and DevSecOps to protect... ...development lifecycle—embedding security controls, identifying vulnerabilities,... ...efforts for complex incidents (e.g., APTs, data breaches),...H1b$140k - $165k
Job Summary Senior Cybersecurity Analyst - CONTINGENT - 26-022 - Hybrid, Job Type: Full-Time. THIS POSITION... ...team in San Diego. We require E-Verify and a security clearance. Competitive... ..., SSP, SAP development, NIST 800-53 control implementation, Security POA&Ms....Full timeContract workFor contractorsWork experience placementRemote work- ...Responsibilities: Conduct comprehensive cybersecurity assessments to identify... ...and implement security controls and measures Conduct penetration... ...Consultant, Cybersecurity Analyst, or similar role Strong knowledge... ...and compliance standards (e.g., GDPR, HIPAA, ISO 27001) Experience...Contract workRemote work
$130k - $180k
...Management System (IWMS) Analyst to support the OPS3... ...workflows. Oversee quality control for integration scripts... ...ARCHIBUS project metrics, status updates, and analytical... ...ensure compliance with cybersecurity requirements. Perform... ...proficiencies (i.e. processes, procedures,...For contractors$70k - $95k
...needs. Your Role: The Cybersecurity Analyst will monitor, maintain, and... .... Provide reporting and metrics on the information security... ...and monitor security controls such as patch management, firewalls... ...****@*****.***. W e collect your personal information...Summer workFlexible hours- ...Corporation is seeking an IT Security Analyst to join our US Air Force team... ...designed for command, control, processes, and systems.... ...related technical discipline in cybersecurity or information technology. CompTIA... ...from a variety of sources (e.g., destructive programs/...For contractorsLocal areaImmediate start
$130k - $180k
...on Mars. SR. CYBER ASSURANCE ANALYST, STARLINK Cyber Assurance is... ...execution -- validating that controls are in place, risks are managed... ...certification efforts (e.g. telecom, CPE, or country-specific... .... 5+ years of experience in cybersecurity compliance, audit or...Permanent employmentTemporary workRemote workFlexible hoursWeekend work$115k - $125k
...Meats is seeking an IT Security Analyst. Reporting to the Director of... ..., and fostering a culture of cybersecurity awareness across our... ...threat intelligence and security controls to identify infected systems,... ...regular vulnerability assessments (e.g., using Rapid7, Nessus, or...Temporary workLocal areaShift work$94.2k - $141.2k
...not only part of history, they're making history. Northrop Grumman Aeronautics Systems is seeking a qualified Principal Program Cost Schedule & Control Analyst (level 3) to join our Budgets, Rates, and Overhead Management group of qualified, diverse individuals. This position...PrincipalWork at officeRelocation packageShift work$69.3k - $158k
...Cybersecurity Engineer and Risk Analyst We are looking for an experienced cybersecurity and security engineer... ...threats and implement infrastructure controls. In this role, you’ll impact Navy... ...schedule, performance, and quality metrics within the systems development lifecycle...Local area- ...Hybrid) Need W2 candidates. Cybersecurity Risk Analyst The Cybersecurity Risk... ...a cybersecurity program and control assessor and advisor in governance... ...and maintain cybersecurity metrics for all levels of management... ...and related documentation (e.g., system life-cycle support...
$209.09k - $303.34k
...The Technical Lead Sr Principal Software Engineer, BSW... ...party stack integration (e.g., OS, hypervisor,... ...architecture supports ISO 26262, cybersecurity requirements, and... ...and review. Define metrics and continuous-... ...is subject to export control and sanctions compliance...PrincipalPermanent employmentTemporary workWorldwide$117k - $151k
...Governance, Risk & Compliance Analyst Full-time Workplace Type: Remote... ...of identified control gaps. Develop and maintain TPRM... ...meaningful reporting, dashboards, and metrics that provide leadership with clear... ...and risk management frameworks (e.g., NIST, ISO, SOC 2)....Full timeContract workRemote work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Analyste principal(e) - Contrôles et indicateurs de cybersécurité | Cybersecurity Controls & Metrics. Be the first to apply!
- senior principal cloud computing engineer California
- principal California
- cybersecurity specialist California
- senior cybersecurity engineer California
- cyber security California
- cyber security architect California
- cybersecurity California
- remote cyber security California
- cybersecurity software engineer California
- IT cyber security California

