Desc
Our Information Security professionals are passionate about information security and control solutions for computing environments. While managing a world-class team of technology experts, you'll partner with one or more disciplines, lines of business, regions or locations to respond to evolving business requirements and emerging threats. You'll also leverage your expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT operations across the firm. Responsibilities include offering guidance, best practices, and support across businesses, leading risk reviews and vulnerability assessments, identifying threats, communicating with senior leaders and other stakeholders, and managing budgets.
This role requires a wide variety of strengths and capabilities, including:
• Bachelor’s degree or equivalent experience
• Strong leadership skills with exceptional communication and presence
• Advanced knowledge of multiple IT control and project management practices and experience working across large environments
• Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals
• Expertise in application and infrastructure high-availability and resiliency architectures with demonstrated experience in business
• Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management, and data protection
Qualifications:
• 10+ years’ experience in technology or IT risk management, preferably for financial institution and/or strong background in IT Risk Advisory
• Experience evaluating technology risks across the various Payment flows, including application design, development, testing practices, as well as technology control design, operation and validation
• Experience leading and participating in programs to evolve and improve the Wholesale Payments cybersecurity and technology control practices and control environment
• Experience in developing a risk and control culture focused on the pro-active awareness and improvement of the Wholesale Payments control environments; and providing governance and oversight of technology risk and controls in partnership with CIB Wholesale Payments technology executives
• Dem onstrated knowledge of technology and application risk and controls management as a practitioner
• Knowledge of various control frameworks (e.g., FFIEC, COBIT, NEST)
• Experience in application security controls (design and/or execution)
• Knowledge of Software Development Life Cycle, control requirements and compliance assessments
• Strong project management and execution skills for driving enterprise-wide risk initiatives
• Audit testing experience preferred but not required
• Proficient in the use of Microsoft Office
• Knowledge of programming languages (e.g., C/C++, Java, Python ) is a plus
• Knowledge of broker-dealer regulatory requirements (e.g., FINRA, NYSE, SEC) is a plus
RequisitionType Professional JobSchedule Full time