IT Cyber Analyst
Role details
Job location
Tech stack
Job description
Novolex is seeking an IT Cyber Analyst to oversee and mature our cybersecurity governance framework, ensuring that enterprise policies, standards, procedures, and KPIs are consistently followed across the organization. Reporting to the VP of Cybersecurity, this role plays a key part in strengthening overall cyber program adherence, supporting regulatory alignment, and driving accountability across IT and business teams. The ideal candidate will have strong experience in cybersecurity governance, control frameworks, and enterprise program management.
Cyber Governance & Policy Management
- Maintain and update cybersecurity policies, standards, and procedures to align with enterprise requirements and industry frameworks.
- Coordinate the policy lifecycle including drafting, review, approvals, and recertification.
- Ensure organizational alignment to governance requirements and escalate non-adherence.
Cybersecurity Program Oversight
- Track execution of the cybersecurity roadmap.
- Collect program updates from domain owners and ensure alignment to governance expectations.
- Identify gaps or risks affecting program objectives and recommend remediation.
KPI, Metrics & Reporting
- Maintain and report on cybersecurity KPIs, KRIs, and dashboards.
- Validate data sources and ensure reporting accuracy.
- Develop executive-level governance materials.
Risk & Compliance Alignment (Non-Audit)
- Maintain alignment of the cybersecurity program to regulatory and industry frameworks.
- Support governance processes for risks, exceptions, and policy deviations.
- Participate in governance committees and support control adherence documentation.
Cross-Functional Governance Support
- Facilitate governance meetings and follow-ups.
- Enforce standards for consistency across cyber domains.
- Act as a central coordination point for governance initiatives.
Requirements
- Bachelor's degree in Information Security, IT, Risk Management, or related field.
- 3-5 years experience in cybersecurity governance, IT GRC, or similar.
- Strong understanding of NIST CSF, ISO 27001, CIS Controls.
- Experience developing or managing cybersecurity policies and governance processes.
- Strong KPI/KRI reporting and dashboarding skills., * CISA - Certified Information Systems Auditor
- CRISC - Certified in Risk and Information Systems Control
- CISM - Certified Information Security Manager
- CISSP - Certified Information Systems Security Professional
- Security+ - CompTIA Security+ ISO 27001 Lead Implementer or Auditor (optional but valuable
Benefits & conditions
With safety as our top priority and a commitment to employee well-being an important focus, we offer comprehensive and competitive benefits that include medical, dental and vision insurance as well as a variety of other well-being resources focused on mental, physical and financial health. Specific benefits and well-being programs may vary depending on where you work.
Community Engagement
At Novolex, giving back to the local communities that support us is important. Our Focused Giving Program prioritizes support for organizations whose missions promote sustainability initiatives or address food and hunger needs. We also encourage facility level support of activities in the communities where our employees live and work.
Training and Development
We offer constant opportunities for advancement. From skills development to advanced education programs, training and development programs and courses are available through MyLearning. Programs include company and industry training curricula, support for formal education through the Tuition Reimbursement Program (Non-Union), and a Learning Management System that supports and enhances employee skills at all levels of the organization.