ASSIGNMENT DETAILS:
Position Title: US - IT - Info Security Analyst V (US equivalent of TDJP00057332)
# of positions: 2
Start Date: ASAP
Duration: 8 months
Extension possible: Possibility based off of business needs and performance
Conversion Possible: Possibility based off of business needs and performance
Billing Cost Center: 1274
Business Unit: 4 - Global Security and Defence (S_1017254)
Schedule: M-F, core business hours 40 hours per week, 8 hours per day
OT: No
Rotation: No
Work Location:
• Remote, Onsite, or Hybrid: hybrid if they live near a hub or remote if they do not
• Anchor Days (if applicable): N/A
• Address: we will discuss hub and remote details in the supplier call tomorrow
Travel Required: No
Possibility of any Additional Upcoming Furlough: Standard
STORY BEHIND THE NEED:
Reason for request/why opened: Project support
Scope of Project: uplifting reporting space within GRC groups
Team Size/Culture: 10 people, collaborative working environment
Training Period: TD onboarding and hit the ground running
Selling Points of Position (CVP): Opportunity for long-term, very high visibility work with leadership team, opportunity to network and grow within bank
ADMIN/CLERICAL ONLY:
Back-office vs Telephone work:
CANDIDATE PROFILE DETAILS:
Degree/Level of Education: Post secondary is a nice to have work experience is more important
Certifications Required: Nothing required
Years of Overall Experience: 5+ years with flexibility
How will performance be measured: hitting deliverables and timelines
Preferred/Ideal Candidate Background: banking or financial experience is an asset, strong BI tool experience and advanced level Excel skills
SUMMARY OF THE ROLE:
• Typical Day-to-Day Responsibilities
• How much time is being spent in meetings 25% of their day will be spent in meetings
• Who are they interacting with (internal/external) internal partners
• Will the contractor have access to any customer data? No
Role Summary
The Security Metrics & Reporting Analyst is responsible for the ongoing execution and maintenance of cybersecurity metrics, including KRIs, KPIs, and operational security performance measures. This role supports consistent reporting across security domains by ensuring metrics are refreshed on schedule, validated for data quality, and delivered through dashboards and reporting packages for leadership and key stakeholders.
This role focuses on business-as-usual (BAU) metrics operations, including data hygiene, dashboard maintenance, reporting production, and metric issue resolution partnering closely with security domain teams, data owners, and analytics stakeholders.
Key Responsibilities
Metrics Execution & Refresh Cycles
• Execute recurring security metric refresh processes (weekly, monthly, quarterly), ensuring deliverables are completed on schedule.
• Maintain metric reporting calendars and confirm metric owners provide inputs within defined timelines.
• Track metric completion, dependencies, and exceptions.
Reporting & Dashboard Maintenance
• Maintain dashboards and reporting outputs (e.g., Power BI/Tableau), including:
• scheduled refresh validation
• visual checks and formatting consistency
• metric drill-down updates and annotations
• Produce recurring executive and operational reporting packages (monthly security scorecards, ops reviews, risk reports).
Data Quality & Validation
• Perform quality checks to validate data completeness and integrity, including:
• variance analysis (e.g., large month-over-month changes)
• missing / delayed data flags
• logic validation (formula checks, filters)
• Document data quality issues and coordinate with data owners to resolve.
• Maintain metric definitions, calculation references, and source system documentation.
Metric Intake & Change Support
• Support change requests for metrics such as:
• definition updates
• threshold / limit changes
• dashboard enhancements
• Track requests and ensure changes are reviewed/approved by the metric governance group, ORM challenge
Operational Support & Stakeholder Coordination
• Serve as a reliable point of contact for stakeholders seeking metric clarification or reporting support.
• Support preparation of talking points and narratives (what changed, why it changed, what action is needed).
• Assist in audit support requests by gathering metric artifacts and evidence of metric controls.
Key Skills & Competencies
• Strong organization and follow-through
• Structured thinker, process-oriented
• Data quality mindset and precision
• Professional communication and "clean documentation
• Continuous improvement orientation
Success Criteria (first 6 12 months)
• On-time delivery of all metric refreshes and reporting cycles
• Reduced data quality issues and faster resolution of reporting defects
• Improved stakeholder satisfaction and trust in reporting outputs
• Documented and repeatable BAU reporting procedures
MUST-HAVE Hard Skills:
1.) 5+ years experience in reporting, analytics, operations, cybersecurity support, IT risk, or compliance functions.
2.) Proficiency with:
-Excel (intermediate-advanced)
-PowerPoint (clear reporting packages)
-At least one dashboarding tool (Power BI / Tableau / Qlik preferred)
SOFT SKILLS:
1.) Strong ability to communicate with technical and non-technical stakeholders
2.) Comfort working with recurring deliverables and managing deadlines
3.) Strong attention to detail; demonstrated ability to detect anomalies and errors in reporting
NICE-TO-HAVE
1.) Familiarity with one or more cybersecurity domains.
-SOC / incident response metrics
-vulnerability metrics
-IAM metrics (joiner/mover/leaver, access recertification, PAM coverage)
-security awareness / phishing metrics
2.) Experience with security tooling data sources:
-ServiceNow, Archer
-Splunk / Sentinel
-Tenable / Qualys
3.) Knowledge of common security frameworks (NIST CSF, ISO 27001)
DISQUALIFIERS is there any information/experience on a candidate's resume that would disqualify them from consideration for this position?
1.) Job hopping, short term contracts, unexplained gaps
TIMELINES/IMPORTANT DATES:
• Upcoming PTO: Fred 16-20 th
• Supplier Call: Feb 11 th at 3pm (45 minutes)
• Distribute Requisition: Feb 11 th
• Halting: Feb 13 th
• Shortlist De-Brief: 24 hours
• Target interview: Feb 18 th and onward
• Interview process: 1-2 steps, virtual, 30 minutes
• Interview de-brief: as completed
Remote
About the Company:
GTT, LLC