Job Title: Cyber Risk Analytics & Data Intelligence Lead
Level: 5A
Location: Bengaluru, India
Reporting To: Global Head of Cyber Strategy
Job Purpose
This role is the analytics engine for Enterprise Cyber Risk, responsible for redefining fragmented cyber risk data into a single source of truth, automated intelligence, and executive-ready insights. Define and institutionalize enterprise cyber risk metrics, scoring logic, and analytical standards.

The position is primarily analytics and automation driven (70%), passionate about:

• Enterprise risk data modeling
• Power BI dashboard architecture
• Risk intelligence & pattern analysis
• Reporting automation
• Predictive and forward-looking indicators

Cyber risk domain knowledge (30%) ensures outputs align to NIST/ISO and enterprise risk governance.

This is not a traditional GRC operations role. This role does not own policy management, audit execution, or control operations. This is a data-driven risk intelligence role**. Success in this role will be measured by measurable reduction in manual reporting, improved data reliability, and enhanced executive risk decision-making maturity.**

Ideal Candidate Profile:

You are a data-driven problem solver who thrives in sophisticated environments, enjoys building scalable analytics frameworks from fragmented data sources, and can translate technical risk data into executive-level insight.

Core Responsibilities:

• Enterprise Risk Data & Analytics (Main Focus)- Build & own the enterprise cyber risk data architecture layer

• Build executive-level Power BI dashboards enabling:Risk exposure trends (3/6/12 months)

• Risk concentration & clustering

• Risk aging & SLA breach analysis

• Risk churn (new vs closed vs reopened)

• Residual risk movement

• Develop sophisticated DAX measures for:Risk aging

• Control efficiency scoring

• Risk drivers contribution

• Tolerance breaches

• Build automated risk exposure scoring frameworks

• Automation & Data Integration- Build a fully automated, scalable risk intelligence reporting ecosystem

• Integrate 2-3 core data sources within first 30-90 days:GRC platform

• Vulnerability management tools

• Incident metrics

• Define standardized risk metrics and calculation logic

• Improve data quality (excess, missing values, latency)

• Implement automated refresh & validation checks

Sophisticated Risk Intelligence & Analytics:

Move the organization from descriptive reporting to diagnostic and predictive risk intelligence. Develop intelligence beyond static reporting for listed topics:

• Risk concentration analysis

• Repeat risk pattern detection

• Control failure rate analytics

• Threat to Risk mapping

• Near-miss analysis

• Cloud risk posture scoring

• Shadow IT exposure indicators

• Leading indicators for risk critical issue

• Early warning signals for control decay

• Executive Risk Storytelling- Elevate cyber discussions from technical metrics to business risk impact

• Identify where risk exceeds tolerance

• Provide single-page leadership views

• Demonstrate measurable risk reduction over time

• Present insights in leadership forums

• Cyber Risk Governance Alignment (Supporting 30%)- Map analytics to NIST CSF / ISO 27001

• Provide analytics support to risk governance forums and audit reviews

• Ensure traceability: risk → control → remediation

• Supervise remediation progress & residual risk movement

Required Experience & Skills:

• Experience- 5-10 years in Data Analytics, Enterprise BI, Risk Analytics, or Operational Intelligence roles

• Experience building executive dashboards in sophisticated enterprises

• Experience in automation & data integration

• Ability to quickly understand cyber risk concepts, deep cyber technical expertise is not required.

• Experience with enterprise data platforms preferred.

• Experience working with APIs and automating data ingestion pipelines.

• Required Skills- Sophisticated Power BI (data modeling + DAX mandatory)

• Strong data modeling & critical metric architecture

• Automation & Data Engineering outlook

• Experience integrating multiple enterprise systems

• Experience working with structured and semi-structured data

• Understanding of data governance and metadata management

• Strong analytical reasoning, ability to identify patterns, correlations, and leading indicators

• Nice to Have (Not Required)- Understanding of NIST / ISO

• Exposure to GRC platforms

• Cyber risk committee experience

• Certifications (CISSP or similar)

Tools & Technology Environment:

Familiarity working within enterprise environments that include:

• Power BI (Primary visualization platform)
• Enterprise GRC platform
• Vulnerability management platforms
• Incident management systems
• Cloud security tooling
• SQL-based data environments