Senior Governance Analyst

The mission of The New York Times is to seek the truth and help people understand the world. That means independent journalism is at the heart of all we do as a company. It's why we have a newsroom that's 1,700 strong and sends journalists to report on the ground from nearly 160 countries. It's why we focus deeply on how our readers will experience our journalism, from print to audio to a world-class digital and app destination. And it's why our business strategy centers on making journalism so good that it's worth paying for.

Note for US based roles: Any offer of employment is contingent on providing proof of Covid-19 vaccination prior to your start date, subject to approved medical and/or religious exemptions, in accordance with applicable law.

Job Description

About the Role

The New York Times is looking for an enthusiastic professional to join the Governance, Risk and Compliance team as a Senior IT Governance Analyst, focusing predominantly on supporting our Governance related workstreams including implementation and maintenance of our eGRC solution and Policy Governance.

The Governance, Risk & Compliance team is responsible for the Risk Governance, Risk Frameworks and Risk Issue Management related to systems, infrastructure, processes and third parties. In addition, the team manages global Policy Governance, Compliance monitoring and reporting, PCI Compliance, and application administration of our Integrated Risk Management solution. The team works across the company and in particular with Technology, Legal, Finance, Human Resources, and Data Governance.

Responsibilities:
  • Understanding evolving business requirements and conceptualize process/workflow/automated support through eGRC solution
  • Software application administration of current and future tools for use in IT Security Governance Risk and Compliance (GRC). Develops and tests application configuration updates in the development environment before migration to production for use by the full organization. Act as subject matter expert for this function and assess and evaluate new and/or existing tools.
  • Develops and maintains user documentation and instructions for all IT Security Governance and Compliance tools. Conduct training of new/existing users on all supported tools. Maintain application and support the end users to ensure a continual and efficient operation.
  • Provide KPIs and metrics for Security Incidents, Risks, Vulnerabilities, and other indicators of success to be reported monthly, quarterly, and annually; as derived from eGRC solution
  • Acts as a liaison and IT GRC expert. Serves as a source of information on the IT Security Governance and Compliance needs and regulatory environment.
  • Focus on Governance support for Identity & Access MGT function
  • Assist with the definition and implementation of best practice IAM business processes, risk & controls
  • Oversee the creation and maintenance of policies, procedures, and internal control documentation required for user provisioning, role changes de-provisioning, auditing, etc.
  • Assist with enterprise wide IAM application risk prioritization and scoping analysis, including risk & control self-assessments
  • Proactively works with technology and business managers to identify potential issues and ensures effective remediation and communication
  • Recommending improvement opportunities for IAM processes, reducing inefficiencies and improving the Times' risk posture
  • Work with the broader RISC and CIO Org to interpret policies and standards, ensuring policies and standards are properly followed by new and existing IAM solutions
  • Key Working Relationships: Auditors, regulators & business stakeholders, InfoSec, Legal, IAM Program Stakeholders


As a Senior IT Governance Analyst, you should:
  • Be highly organized and detail-oriented, with strong analytical problem solving skills
  • Be able to handle multiple tasks in a fast-paced, deadline-driven environment, while working both independently and as part of a team
  • Display excellent verbal and written communication and interpersonal skills



Qualifications:
  • 5+ years of experience with information technology as an analyst or in a technical role
  • Strong MS Excel/Google Sheets skills for data analysis and manipulation


Preferred Qualifications:
  • Implementation and continuous improvement of eGRC Solution
  • Working knowledge with technology risk management
  • Application development, scripting or database knowledge


#LI-AM1

The New York Times is committed to a diverse and inclusive workforce, one that reflects the varied global community we serve. Our journalism and the products we build in the service of that journalism greatly benefit from a range of perspectives, which can only come from diversity of all types, across our ranks, at all levels of the organization. Achieving true diversity and inclusion is the right thing to do. It is also the smart thing for our business. So we strongly encourage women, veterans, people with disabilities, people of color and gender nonconforming candidates to apply.

The New York Times Company is an Equal Opportunity Employer and does not discriminate on the basis of an individual's sex, age, race, color, creed, national origin, alienage, religion, marital status, pregnancy, sexual orientation or affectional preference, gender identity and expression, disability, genetic trait or predisposition, carrier status, citizenship, veteran or military status and other personal characteristics protected by law. All applications will receive consideration for employment without regard to legally protected characteristics. The New York Times Company will consider qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local "Fair Chance" laws.