Associate Identity Governance Analyst

Immediate need for a talented Cyber Threat and Exposure Management (TEM) Oversight and Governance. This is a 12 months contract opportunity with long-term potential and is located in Charlotte, NC / Atlanta, GA (Hybrid) . Please review the job description below and contact me ASAP if you are interested. Job ID:26-02760 Pay Range: $100 - $110/hour. Employee benefits include, but are not limited to, health insurance (medical, dental, vision), 401(k) plan, and paid sick leave (depending on work location). Key Responsibilities: HM Notes: Exp in vulnerability management Do not want and engineer or an architect They will be working in high pace environment Governance, Risk & control No preference years of exp needed but the person should be very smart who can do things proactively. Remediation Understanding Mitigating risks factors Reduce the risk of the vulnerability Hands on role with potential leadership role down the line If someone has some leadership skills like to be a director or so will help. Banking/financial domain is very important He needs someone FFIEC guidelines, CRI framework Align with client Protection Services (TPS) priorities that define 'our what' that may change based on business need Own the end-to-end governance framework for the Vulnerability and Patch Management program, including routines, escalation paths, and decision forums Design, document, and maintain governance processes, standards, SOPs, and control execution procedures Lead control lifecycle management activities, including control design, effectiveness validation, issue identification, and remediation tracking Provide risk-based oversight of vulnerability identification, prioritization, remediation timelines, and exception handling Own issue management workflows, including root cause analysis, action plan approval, tracking, and formal closure Facilitate recurring governance routines (weekly, monthly, ad-hoc), ensuring clear decisioning, documentation, and follow-through Define, monitor, and report KPIs and KRIs related to vulnerability posture, control health, and remediation performance Partner with operational security teams (Infrastructure, Application Security, Red Team, etc.) to align governance requirements with execution realities Act as a primary interface for audit, risk, and compliance stakeholders on vulnerability governance topics Drive continuous improvement by identifying systemic gaps, emerging risks, and opportunities to mature governance effectiveness Integrate threat intelligence, exploit availability, and external advisories into vulnerability prioritization models to support dynamic risk response Extend governance oversight to vulnerabilities impacting critical third-party providers and cloud hosted services Drive patching and vulnerability requirements into the third-party risk management and contractual obligations and assessments Leads complex and visible projects with moderate to high risk and complexity " Key Requirements and Technology Experience: Must have skills: Vulnerability, risk, Governance, regulation 10 years of experience in cybersecurity, technology risk management, or vulnerability management governance Demonstrated experience designing and operating governance routines and escalation frameworks Strong understanding of vulnerability management tooling, patching methodologies, and remediation constraints across infrastructure, cloud, endpoints, and applications Experience with control frameworks and issue management processes Ability to communicate technical risk clearly and credibly to executive, risk, and regulatory stakeholders Strong facilitation and negotiation skills across technology, security, compliance, and business teams Proven ability to drive disciplined governance while enabling business agility Experience working with systems of record like GRC, ITSM related tools Strong written communication skills for standards, procedures, and governance documentation Analytical mindset with experience defining and interpreting metrics and trends Comfort operating in regulated environments (financial services, or similar) Previous experience in leading complex IT projects Direct experience supporting regulatory frameworks (e.g., NYDFS, FFIEC, PCI, SOX, GLBA) Prior second line (oversight) or internal audit experience Experience standing up new governance functions or maturing immature programs Familiarity with Red Team, Penetration Testing, or Threat-Driven Risk models Experience leading or mentoring governance or risk teams Exposure to executive risk committees or board-level reporting CISSP Certification Our client is a leading Financial Industry, and we are currently interviewing to fill this and other similar contract positions. If you are interested in this position, please apply online for immediate consideration. Pyramid Consulting, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, colour, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. By applying to our jobs you agree to receive calls, AI-generated calls, text messages, or emails from OpenKyber and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy .

For applications and inquiries, contact: [email protected]