About this role
Principal Associate, Cyber Controls Monitoring Analyst develops, maintains, and automates health metrics for cyber controls, transforming telemetry into real-time insights. The role bridges GRC and engineering to reduce risk through automated monitoring and data-driven remediation.
Key Responsibilities
- Metric Engineering
- ETL Pipeline Development
- Technical Troubleshooting
- Stakeholder Engagement
- Continuous Improvement
Technical Overview
Hands-on data engineering and analytics with Python and SQL; builds end-to-end data pipelines (ETL), integrates REST APIs (OAuth), and implements CI/CD for control metrics; aligns with NIST 800.53, SOX, and COSO frameworks.
Ideal Candidate
The ideal candidate is a data-analytic compliance/risk professional with 3+ years in data analysis, strong SQL and Python, and experience building automated control metrics in a regulated environment. They should be comfortable with CI/CD, Git, ETL, and regulatory frameworks (NIST 800.53, SOX, COSO).
Must-Have Skills
High School DiplomaGEDor equivalent certificationAt least 3 years of experience in data analysis in a complianceauditor risk management environmentAt least 2 years of experience in data manipulation and analysisAt least 2 years of experience with SQL and PythonAt least 2 years of experience with version control (Git) and Continuous integration and continuous deployment
Nice-to-Have Skills
Bachelor's Degree5+ years of experience in data analysis in a complianceauditor risk management environment4+ years of experience developing metrics for a continuous controls monitoring program or a controls portfolio4 + years of experience developing config-driven data pipelines end-to-end including analytical SQL (CTEswindow functions)Python-based transformations (Pandas)REST API integration (OAuthpagination)and inline data quality validation3+ years of experience with regulatory requirements and control frameworks (NIST 800.53SOXor COSO)3+ years of experience with an understanding of how security controls operate in practice including control typesexecution patternsand common failure points3+ years of experience connecting control monitoring to the underlying risks and threat scenarios that the control is designed to address
Required Skills
High School Diplomadata analysissqlpythongitci/cdetlrest apioauthnist 800.53soxcosoregulatory requirementscontrol frameworksproduction pipelines
Hard Skills
PythonSQLGitCI/CDETLREST APIOAuthPandasData pipelinesData quality validationNIST 800.53SOXCOSO
Soft Skills
CollaborationCommunicationProblem-solvingAnalytical thinking
Keywords for Your Resume
principal associatecyber controls monitoringcyber cmtdata analysissqlpythongitci/cdetlrest apioauthnist 800.53soxcosoregulatory requirementscontrol frameworkscontinuous controls monitoringproduction pipelinesrisk management
Deal Breakers
No experience with SQL or Python, No background in compliance/audit/risk, No experience with CI/CD or Git, No exposure to regulatory frameworks (NIST 800.53, SOX, COSO)
Get matched to jobs like this
Luna finds roles that fit your skills and career goals — no endless scrolling required.
Create a Free Profile