We are seeking a highly analytical and detail-oriented Cybersecurity Metrics and Reporting lead to support the organization’s security performance tracking and decision-making processes. This role will focus on developing, managing, and automating security metrics and dashboards to provide insights into threat trends, risk posture, compliance status, and the overall effectiveness of the cybersecurity program.

Key Responsibilities:

🔹 Metrics & Reporting Framework

Design and maintain cybersecurity metrics and Key Performance Indicators (KPIs) to measure control effectiveness, risk exposure, and compliance status.Develop and automate dashboards and reports using platforms such as Power BI, Tableau, or equivalent BI tools.Ensure timely, accurate, and consistent data reporting across multiple cybersecurity domains (e.g., vulnerability management, incident response, phishing simulations, access management).

🔹 Data Architecture & Integration

Design and manage the data model for reporting across multiple sources.Leverage Federal Data Lake and related platforms for secure, scalable data integration.Ensure data accuracy, consistency, and traceability across dashboards and reports.

🔹 Collaboration & Leadership

Partner with cross-functional teams to aggregate, standardize, and validate data from multiple cybersecurity tools.Deliver regular and ad-hoc reports to leadership, auditors, and stakeholders to support strategic decisions and regulatory requirements.Present findings in executive-friendly formats that translate technical data into business-relevant insights.

🔹 Governance & Compliance

Establish governance processes for metric definitions, data quality, and reporting cadence.Identify data gaps or quality issues and coordinate remediation with technical teams.Support compliance and audit reporting needs for standards such as NIST, ISO 27001, GDPR, and others.

Qualifications:

Bachelor's degree in Computer Science, Cybersecurity, Data Analytics, Information Systems, or related field.Relevant certifications such as CISSP, CISM, CISA, or certifications in cybersecurity control frameworks (e.g., ISO 27001, NIST Cybersecurity Framework) are advantageous.7+ years of experience in cybersecurity or IT risk functions, with 3+ years in a metrics, reporting, data architect and data analytics leadership role. Proven experience with dashboard/reporting tools (e.g., Power BI, Tableau, Qlik).Strong understanding of cybersecurity concepts, frameworks (NIST, MITRE ATT&CK), and metrics (e.g., MTTD, MTTR, patching SLAs).Familiarity with security tools and platforms (e.g., SIEMs, vulnerability scanners, EDR, GRC platforms).Proficient in Excel, SQL, Python or Power Query for data manipulation and automation.Strong communication skills, with the ability to explain complex technical data to non-technical audiences.Experience with compliance and audit reporting is a plus.