Information Security Governance Analyst

Company Summary
EchoStar builds solutions that help families and communities stay connected. We'll launch your career and empower you to change lives.
Our brands include Boost Mobile, DISH TV, Gen Mobile, Hughes and Sling TV. We serve millions of customers with offerings ranging from satellite to streaming services and global to personal networking solutions.
Department Summary
Our Technology teams challenge the status quo and reimagine capabilities across industries. Whether through research and development, technology innovation or solution engineering, our team members play a vital role in connecting consumers with the products and platforms of tomorrow.
Job Duties and Responsibilities
Candidates must be willing to participate in at least one in-person interview.
We are seeking a highly motivated and detail-oriented Cybersecurity Governance Analyst to fulfill a critical role in maintaining and enhancing our enterprise-wide cybersecurity posture. This position executes the Cybersecurity Governance Program, leveraging a deep understanding of risk, compliance, and information security governance to enable leadership to make well-informed, risk-based decisions. Achieving this requires building relationships and trust with peers, business partners, and leaders to drive risk reduction by evaluating and recommending mitigation activities. Another key responsibility is the design, implementation, and continuous improvement of the Security Awareness and Training Program to foster a security-conscious culture. The analyst may also lead small to medium-sized projects, managing deadlines, expectations, and deliverables with little supervision required.
Key Responsibilities:

• Maintain, review, and update the organization's cybersecurity policies and standards for regulatory and industry alignment, and manage the complete policy lifecycle including development, review, approval, and publication
• Assist in the definition and communication of technical security controls through policies and standards, monitor enterprise-wide effectiveness and adherence, and design and deliver reporting to leadership
• Manage the process for documenting, reviewing, and handling security exceptions to policy or standards, including working with control owners to document remediation plans and compensating controls and maintaining an up-to-date registry of all associated details
• Develop and manage engaging security awareness materials (e.g., posters, newsletters, intranet articles, videos) on various security topics. Coordinate and execute security-focused awareness events (e.g., Cybersecurity Awareness Month activities, Security Champions lunch-and-learns)
• Plan, execute, and analyze results of recurring simulated phishing and social engineering campaigns. Analyze and report on campaign metrics for targeted program focus
• Manage the organization's annual security training program for all employees, ensuring clear, concise and up-to-date content as well as high completion rates

Skills, Experience and Requirements
Education and Experience:

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent practical experience
• 2+ years of experience in a role focused on cybersecurity governance, risk, compliance (GRC), or security awareness
• Experience in developing and delivering engaging educational content

Skills and Qualifications:

• Knowledge of common cybersecurity frameworks (e.g., NIST CSF, ISO 27001, CIS Controls)
• Familiarity with regulatory compliance requirements (e.g., PCI DSS, SOX, NYDFS, CCPA)
• Knowledge of cybersecurity technologies (e.g., SIEM, IAM, encryption technologies, endpoint protection)
• Relevant industry certifications such as CompTIA Network+, CompTIA Security+, CISSP, CISM, or CISA
• Highly organized and capable of driving multiple initiatives simultaneously without sacrificing results and deadlines
• Excellent written and verbal communication skills with the ability to translate complex concepts into clear, actionable guidance for both technical and non-technical audiences
• Proven ability to build relationships, foster mutual value for buy-in to secure practices and collaborate effectively with globally dispersed teams

Visa sponsorship not available for this role
Salary Ranges
Compensation: $83,160.00/Year - $118,800.00/Year
Benefits
We offer versatile health perks, including flexible spending accounts, HSA, a 401(k) Plan with company match, ESPP, career opportunities, and a flexible time away plan; all benefits can be viewed here: DISH Benefits .
The base pay range shown is a guideline. Individual total compensation will vary based on factors such as qualifications, skill level, and competencies; compensation is based on the role's location and is subject to change based on work location.
Candidates need to successfully complete a pre-employment screen, which may include a drug test and DMV check. Our company is committed to fostering an inclusive and equitable workplace where every individual has the opportunity to succeed. We are dedicated to providing individuals with criminal or arrest records a fair chance of employment in accordance with local, state, and federal laws.
The posting will be active for a minimum of 3 days. The active posting will continue to extend by 3 days until the position is filled.
We pride ourselves on developing and promoting talent as an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status. EchoStar will accommodate the sincerely held religious beliefs of employees if such accommodations are not undue hardships and are otherwise within the bounds of applicable law. All qualified applicants with arrest or conviction records will be considered for employment in accordance with local, state, and federal law. You may redact any information that identifies age, date of birth, or dates of school/graduation from your application documents before submission and throughout our application process.
EchoStar will provide reasonable accommodation to otherwise qualified job applicants and employees with known physical or mental disabilities, unless doing so poses an undue hardship on the Company, poses a direct threat of substantial harm to others, or is otherwise not required by law. EchoStar has a more detailed Accommodation Policy that applies to employees. EchoStar endeavors to make echostar.com and jobs.echostar.com accessible to users. Please contact [email protected] if you would like to discuss the accessibility of our website or need assistance completing the application process. This contact information is for accommodation requests only; do not use this contact information to inquire about the status of applications.
Click the links to access the following statements: EEO Policy Statement , Pay Transparency , EEOC Know Your Rights ( English / Spanish )