Massachusetts Information Technology Jobs

Search for Jobs in Information Technology
MassHire JobQuest Logo

Job Information

Fresenius Medical Care North America Lead Information Security Governance Analyst in Lexington, Massachusetts



Purpose and Scope: The Lead Information Security Governance Analyst leads the integration of cybersecurity governance processes into IT and business operations on a global scale. This role will be responsible for building and maintaining a global, unified information security framework that addresses requirements spanning 150 countries and numerous diverse verticals.

Required Skills:

  • Advanced understanding of cybersecurity regulations and standards, including but not limited to HIPAA, SOC 2, FIPS, NIST publications, ISO 27000 series, HITRUST, CSA CCM, etc.

  • Proven experience in conducting advanced assessments using a variety of frameworks.

  • Ability to provide technical leadership to cross-functional teams, delivering results with minimal supervision.

  • Demonstrated experience with ServiceNow GRC or a similar tool is a plus.

  • Advanced knowledge of scripting languages and data modeling is a plus.

Principal Duties and Responsibilities:

  • Lead the identification, implementation, monitoring, and enforcement of information security frameworks.

  • Conduct maturity assessments to continuously validate and enhance global cybersecurity posture.

  • Advance the enterprise-wide cybersecurity governance function by fostering a union of business risk and information security practices.

  • Establish, measure, and manage metrics to quantify and report global security posture.

  • Collaborate with business and IT leaders to analyze key global processes and develop cybersecurity requirements.

  • Provide strategic direction within IT and information security initiatives to ensure the delivery of compliant and risk-efficient solutions.

  • Support the development and implementation of global cybersecurity policies, standards, and procedures aligned with industry best practices, including NIST CSF and 800-series publications.

  • Work closely with threat and vulnerability intelligence teams, guiding the development of governance scenarios in response to the evolving threat landscape.

  • Articulate cybersecurity governance in business terms and champion awareness around IT governance, risk, and compliance.

  • Other duties as assigned.

Education and Experience:

  • Bachelor's Degree or an equivalent combination of education and experience.

  • Degree in a related discipline (e.g., Computer Science or Computer Information Technology) is desired.

  • 5+ years' related experience, demonstrating proficiency in cybersecurity governance, information security, and/or technology roles.

  • Relevant certifications such as CISSP, CISA, CISM, or CRISC are highly desirable.