CISO & Executive Reporting and Metrics Analyst

Ciena is committed to our people-first philosophy. Our teams enjoy a culture focused on prioritizing a personalized and flexible work environment that empowers an individual’s passions, growth, wellbeing and belonging. We’re a technology company that leads with our humanity—driving our business priorities alongside meaningful social, community, and societal impact.

Ciena is a global leader in optical and routing systems, services, and automation software. We build the world’s most adaptive networks to address ever-increasing digital demands for richer, more connected experiences for all users. For three-plus decades, we’ve brought our innate sense of humanity to our relentless pursuit of innovation. We prioritize deep, collaborative relationships within our teams, and alongside our customers, partners, and communities—local and global. 

Security Organization: 

The Security team at Ciena is a tight-knit group of skilled professionals who share the same passion for defending the company, our products, and our reputation by building a robust and proactive security program. With the ever-increasing volume and complexity of regulatory requirements, security threats, and customer expectations, we are growing and have exciting work planned. 

Role Overview: 

As the CISO & Executive Metrics and Reporting Analyst, you will play a critical role in supporting the Chief Information Security Officer (CISO) by developing, managing, and delivering comprehensive security metrics and reporting. This role will be responsible for ensuring that key security performance indicators are accurately tracked, analyzed, and communicated to executive leadership and other stakeholders. The ideal candidate will have a strong background in cyber security, data analysis, and executive reporting.

Responsibilities:

Develop and Manage Security Metrics & Reporting Framework:

• Define, track, and analyze key performance indicators (KPIs) and key risk indicators (KRIs) aligned with organizational security goals, regulatory requirements, and industry best practices (e.g., NIST, ISO 27001).
• Continuously refine metrics and KRIs to provide actionable insights into the effectiveness of the security program and the organization's risk posture.

Provide Data-Driven Insights to Leadership:

• Collect, analyze, and interpret security data from various sources, including SIEM systems (e.g., Splunk), security tools, and incident reports.
• Deliver regular (monthly/quarterly) and ad-hoc reports, dashboards, and presentations to the CISO and executive leadership, clearly communicating complex security concepts and data in a concise and impactful manner.

Support Risk Management & Decision-Making:

• Develop, maintain, and report on risk management metrics, including risk assessments, risk exposure, and residual risk.
• Monitor risk appetite and tolerance levels to ensure alignment with organizational objectives and regulatory requirements.

Collaborate Across Teams & Drive Continuous Improvement:

• Work closely with IT, compliance, risk management, and business units to gather data, foster alignment on security initiatives, and drive consensus on metrics and reporting requirements.
• Proactively identify opportunities for process improvements to enhance the efficiency and effectiveness of the security reporting function.
• Stay abreast of industry trends, emerging technologies, and best practices in cybersecurity metrics and reporting.

Must Have :

• Education: Bachelor's degree in Computer Science, Information Systems, Cyber Security, or a related field. Master's degree is a plus.
• Experience: Minimum of 5 years of experience in a similar role, with a focus on metrics and reporting in the field of cyber security. Experience working in an executive-level capacity is highly desirable.
• Technical Skills: Proficiency in data analysis and visualization tools (e.g., Excel, Tableau, Power BI). Strong understanding of cyber security metrics, frameworks, and industry standards (e.g., NIST, ISO 27001). Familiarity with security information and event management (SIEM) systems is a plus.Proficiency in SQL for querying databases. Experience with Snowflake for cloud-based data warehousing, including data modeling, querying, and performance optimization. Good to have experience with ETL (Extract, Transform, Load) processes and python scripting .
• Analytical Mindset: Demonstrated ability to analyze complex data sets, identify trends, and provide actionable insights. Strong problem-solving skills and the ability to think strategically.
• Communication Skills: Excellent written and verbal communication skills, with the ability to present technical information to non-technical stakeholders in a clear and concise manner. Strong attention to detail and the ability to tailor messaging to different audiences.
• Leadership and Collaboration: Proven experience working in cross-functional teams and managing relationships with stakeholders at all levels. Ability to influence and drive consensus on metrics and reporting requirements.
• Certifications: Relevant certifications such as CISSP, CISM, or CRISC are highly desirable.
• Adaptability: You should be able to adapt quickly to changing security threats and technologies.
• Teamwork: The successful individual should be able to work effectively with their team and other departments to achieve the company's security goals.

Not ready to apply? Join our Talent Community to get relevant job alerts straight to your inbox.

At Ciena, we are committed to building and fostering an environment in which our employees feel respected, valued, and heard.  Ciena values the diversity of its workforce and respects its employees as individuals. We do not tolerate any form of discrimination.

Ciena is an Equal Opportunity Employer, including disability and protected veteran status.

If contacted in relation to a job opportunity, please advise Ciena of any accommodation measures you may require.