Director, Cyber Risk Management/ Engineer

New York, NY 10019

Industry: Risk, Security Job Number: 4266

  Seeking Director, Cyber Risk Management. This person will be a driven self-starter with experience in managing and mitigating IT and Cyber Risk to -- team and develop 2nd line-of-defense processes, policies and tools for  -- Cyber Security Risk environment. Cyber Security Risk coverage areas include evaluate overall cyber & IT security risk, provide assurance over cyber & IT risk, monitor and report on risks and ensure that remediation efforts to remediate the risks are adequate.

What You Will Do
 
  • Develop, enhance & maintain a robust and sustainable Cyber & IT Security Risk program
  • Partner with the VP of Cyber Security Strategy, Risk & Governance, Chief Security Officer (CSO), IT organization and business units to establish standards, policies, and develop KRIs and KPIs for measuring and monitoring cyber & IT risks on a continuous basis
  • Manage risk assessors to provide and perform independent assurance and validation activities over common cybersecurity controls that include both administrative and technical controls
  • Assess the accuracy, completeness, and sufficiency of the risk management--- environment
  • Perform effective challenge of all critical and highly sensitive processes & controls, and business continuity
  • Develop cyber security risk scenarios to identify potential attack vectors and TTP (tactics, techniques and procedures) to guide the continuous improvement of ---s cyber defense posture. Lead and support selected cyber security remediation efforts, involved with strategic planning with Security Operations, Security Engineering & IT

Who You Are
 
  • Have a solid foundation in information technology and information security principles. Familiar with common cybersecurity frameworks and standards such as NIST SP 800-53, CSC Top 20, ISO 27000 series, PCI-DSS, HIPAA & GDPR.
  • Possess broad and deep understanding of technical security concepts and familiarity with related technologies and infrastructure, as well as a solid conceptual knowledge of enterprise IT system operations
  • Familiar with cloud security technologies, techniques & methodologies
  • Proficient in common cybersecurity domains: data protection, access control, encryption, identify management, security operations, application security, penetration tests, endpoint security, vulnerability management, threat intelligence, risk assessment
  • Able to analyze root causes of cyber security issues and documenting remediation
  • Have a high degree of initiative, dependability and ability to work with little supervision.
  • Possess strong leadership skills with the ability to lead by influence
  • Strong written and verbal communication
  • Prior experience:
  • Previous working experience in cybersecurity operation and relevant security design knowledge
  • Previous work within Risk and/or Information Security/Cyber Security. Ideally, has worked in a 2 LOD Cyber Security Risk function
  • Previous working experience managing and directing teams of risk or security professionals
  • Bachelor and/or Master’ s Degree in Computer Science, Engineering or relevant technical field
  • CISSP, CISM, or CISA certifications a strong plus
  • Background in IT Risk Assessment, IT Audit, Information security management.
  • Knowledge of US IT Security regulatory requirements and environment a plus (i.e. FISMA, PCI-DSS, HIPAA, NIST cybersecurity frameworks).

Kaitlin O'Brien

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.