Key skills
CloudCyber SecurityRisk ManagementCloud Security
About this role
Role Overview
- Provide control design guidance and conduct independent control assessments within the Cybersecurity GRC function
- Design, implement, and test security controls, ensuring technical systems and information assets are protected within the Cloud and on-prem environments
- Identify, assess, and manage inherent, control, and residual risks
- Maintain a high degree of knowledge with current and proposed security changes impacting regulatory, privacy, and security industry best practices
- Guide lines of business through assessments, translating technology/security questions for understanding
- Ensure internal controls mitigate technology and cyber risks and are managed effectively
- Compile and distribute program level reporting to relevant stakeholders
- Drive implementation, sustainability, and maturity of the Information Security control framework
Requirements
- Minimum of 5-7 years' experience in a combination of risk management, information security, and IT roles
- High technical knowledge across Cybersecurity domains such as Identity Access Management, Data Security, Configuration Management, Log Generation, Incident Response
- In-depth knowledge of cloud security practices and technologies for major providers
- Experience in writing process documentation and designing/executing control test scripts
- Knowledge of domestic and international banking regulations (Reg W, Basel II, FFIEC, GDPR, etc.)
- Professional certifications such as CCAK, CISA, CRISC, CISM, CGEIT, CSX, CISSP
- Ability to constructively work both independently and in collaborative environments
- Ability to manage multiple priorities concurrently
Tech Stack
- Cloud
- Cyber Security
Benefits
- comprehensive health and wellness benefits
- retirement plans
- educational assistance and training programs
- income replacement for qualified employees with disabilities
- paid maternity and parental bonding leave
- paid vacation
- sick days
- holidays