Cyber Risk Governance & Reporting Analyst
Calling all innovators - find your future at Fiserv.
We're Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants and consumers to one another millions of times a day - quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we're involved. If you want to make an impact on a global scale, come make a difference at Fiserv.
Job Title
Cyber Risk Governance & Reporting AnalystWhat does a successful Cyber Risk Governance and Reporting Analyst do at Fiserv?
A successful Cyber Risk Governance and Reporting Analyst drives governance, risk tracking, and remediation oversight across enterprise cybersecurity initiatives. This role connects Cybersecurity, Technology, Infrastructure, Application Development, AI Engineering, and business leadership to identify, escalate, and reduce cyber risk in line with organizational commitments. This person also delivers clear executive reporting, strengthens accountability, and helps move complex remediation efforts forward across multiple high-visibility programs.
What you will do?
- Govern and track remediation activities across enterprise cybersecurity initiatives, monitor risk posture, escalate blockers and overdue commitments, and facilitate governance forums, executive reviews, risk treatment discussions, and remediation planning sessions.
- Lead vulnerability management governance by tracking remediation for infrastructure and application vulnerabilities, CISA Known Exploited Vulnerabilities, external threat intelligence findings, and attack surface management findings while supporting risk treatment, compensating controls, and exception management.
- Use ServiceNow Vulnerability Response as the system of record to monitor lifecycle metrics, SLA adherence, aging, remediation status, risk trends, data quality, and executive dashboard reporting.
- Oversee bug bounty, vulnerability disclosure, ethical hacker, web application firewall, and attack surface governance activities by coordinating response efforts, prioritizing remediation based on exploitability and business risk, and tracking externally exposed applications and protection gaps.
- Support agentic AI and emerging technology security programs, maintain integrated remediation plans across multiple initiatives, track milestones and dependencies, and produce daily, weekly, and monthly executive reporting for CIOs, technology executives, cybersecurity leadership, and executive risk committees.
What you must have?
- 5+ years of experience in Cybersecurity, Technology Risk, Governance, Vulnerability Management, Security Operations, or Technology Program Management.
- 3+ years of experience coordinating enterprise-wide cybersecurity remediation initiatives across multiple stakeholder groups.
- 2+ years of experience preparing executive-level reporting and communications for senior technology or cybersecurity leaders.
- 2+ years of experience using governance, metrics, and action tracking to manage milestones, dependencies, risks, blockers, and remediation progress.
What would be nice to have?
- 1+ industry certification such as CISSP, CRISC, CISM, Security+, PMP, Agile, or an equivalent credential.
- Experience supporting 3+ executive audiences, such as CIOs, cybersecurity leadership, executive risk committees, or board-level stakeholders.
- Experience in 1+ highly regulated industries, including financial services or critical infrastructure.
Important info about this role:
We’re better together! This role is fully on-site
This is a full-time, direct-hire position, and no contract options or unsolicited agency submissions will be considered
You must currently possess valid and unrestricted U.S. work authorization to be considered for this role. Individuals with temporary visas including, but not limited to, F-1 (OPT, CPT, STEM), H-1B, H-2, or TN, or any candidate requiring sponsorship, now or in the future, will not be considered for this role
Salary Range
$78,000.00 - $138,000.00These pay ranges apply to employees in New Jersey and New York. Pay ranges for employees in other states may differ.
It is unlawful to discriminate against a prospective employee due to the individual's status as a veteran.
For incentive eligible associates, the successful candidate is eligible for an annual incentive opportunity which may be delivered as a mix of cash bonus and equity awards in the Company’s sole discretion.Thank you for considering employment with Fiserv. Please:
- Apply using your legal name
- Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable).
Our commitment to Equal Opportunity:
Fiserv is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, age, disability, protected veteran status, or any other category protected by law.
If you have a disability and require a reasonable accommodation in completing a job application or otherwise participating in the overall hiring process, please contact AskHR.US@fiserv.com. Please note our AskHR representatives do not have visibility to your application status. Current associates who require a workplace accommodation should refer to Fiserv’s Disability Accommodation Policy for additional information.
Note to agencies:
Fiserv does not accept resume submissions from agencies outside of existing agreements. Please do not send resumes to Fiserv associates. Fiserv is not responsible for any fees associated with unsolicited resume submissions.
Warning about fake job posts:
Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information. Any communications from a Fiserv representative will come from a legitimate Fiserv email address.