Senior Governance Analyst

The New York Times
  • Location
    New York, New York
  • Sector
  • Experience
    Mid Career
  • Posted
    Nov 16

Position description

The New York Times is looking for an enthusiastic professional to join the Governance, Risk and Compliance team as a Senior IT Governance Analyst, focusing predominantly on supporting our Governance related workstreams including implementation and maintenance of our eGRC solution and Policy Governance. 

The Governance, Risk & Compliance team is responsible for the Risk Governance, Risk Frameworks and Risk Issue Management related to systems, infrastructure, processes and third parties. In addition, the team manages global Policy Governance, Compliance monitoring and reporting, PCI Compliance, and application administration of our Integrated Risk Management solution. The team works across the company and in particular with Technology, Legal, Finance, Human Resources, and Data Governance.



  • Understanding evolving business requirements and conceptualize process/workflow/automated support through eGRC solution

  • Software application administration of current and future tools for use in IT Security Governance Risk and Compliance (GRC). Develops and tests application configuration updates in the development environment before migration to production for use by the full organization. Act as subject matter expert for this function and assess and evaluate new and/or existing tools.

  • Develops and maintains user documentation and instructions for all IT Security Governance and Compliance tools. Conduct training of new/existing users on all supported tools. Maintain application and support the end users to ensure a continual and efficient operation.

  • Provide KPIs and metrics for Security Incidents, Risks, Vulnerabilities, and other indicators of success to be reported monthly, quarterly, and annually; as derived from eGRC solution

  • Acts as a liaison and IT GRC expert. Serves as a source of information on the IT Security Governance and Compliance needs and regulatory environment.

  • Focus on Governance support for Identity & Access MGT function 

  • Assist with the definition and implementation of best practice IAM business processes, risk & controls

  • Oversee the creation and maintenance of policies, procedures, and internal control documentation required for user provisioning, role changes de-provisioning, auditing, etc.

  • Assist with enterprise wide IAM application risk prioritization and scoping analysis, including risk & control self-assessments

  • Proactively works with technology and business managers to identify potential issues and ensures effective remediation and communication

  • Recommending improvement opportunities for IAM processes, reducing inefficiencies and improving the Times’ risk posture

  • Work with the broader RISC and CIO Org to interpret policies and standards, ensuring policies and standards are properly followed by new and existing IAM solutions

  • Key Working Relationships: Auditors, regulators & business stakeholders, InfoSec, Legal, IAM Program Stakeholders


As a Senior IT Governance Analyst, you should:

  • Be highly organized and detail-oriented, with strong analytical problem solving skills

  • Be able to handle multiple tasks in a fast-paced, deadline-driven environment, while working both independently and as part of a team

  • Display excellent verbal and written communication and interpersonal skills


  • 5+ years of experience with information technology as an analyst or in a technical role

  • Strong MS Excel/Google Sheets skills for data analysis and manipulation 


Preferred Qualifications:

  • Implementation and continuous improvement of eGRC Solution

  • Working knowledge with technology risk management

  • Application development, scripting or database knowledge 

Application instructions

Please be sure to indicate that you saw this position on