Reporting to the Information Risk Assessment - Infrastructure Director, the Infrastructure - Cyber Vice President is responsible for identifying, assessing, and monitoring cyber security risk associated with technology infrastructure and conducting assessments, testing controls, and assessing compliance with cyber-security policies and standards for technology infrastructure.
Defines criteria, tools, and methodologies for identifying, assessing, and monitoring the cyber security risk associated with technology infrastructure
Assesses compliance to cyber security policies and standards related to technology infrastructure
Defines testing processes for cyber security risks associated with technology infrastructure
Conducts cyber security assessments on technology infrastructure
Performs independent review and challenge of the front line unit cyber security assessments and remediation plans on technology infrastructure
Maintains oversight of the front line unit remediation efforts for cyber security exposures, gaps, and deficiencies on technology infrastructure
Performs independent review and challenge of front line unit cyber-related RCSA outputs for technology infrastructure
Manages and conducts independent risk assessments, vulnerability scans, and penetration testing results conducted on technology infrastructure
Stakeholder management and working across various parts of the organization
Communicates information risk matters to senior management
Bachelor's Degree or equivalent work experience required
At least one security certification is strongly preferred, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP)
3-5 years of related experience required
Experience with AWS, Azure, O365 or other cloud solutions is required
Strong MS Office skills along with strong verbal and written communication skills
Subject matter expertise in conducting cyber security risk assessments for technology infrastructure
Prior experience of management of technology infrastructure is preferred
Experienced with vulnerability scanning and penetration testing tools and technologies
Understanding of ITIL Service Management processes
Knowledge of the financial services industry and its regulations / laws strongly preferred
Understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business
Understanding of respective industry best practices (e.g., NIST, ISO, COBIT, OWASP, ITIL)
Knowledge of risk management policies, methods, standards, processes, governance models, and industry standard risk analysis approaches
Knowledge of current industry trends in information risk management
Able to collaborate well with internal and external stakeholders
Able to be a subject matter expert on assessing the maturity of cyber security practices for infrastructure
The above statements are intended to describe the general nature and level of the work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.
We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.
A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it’s the bank’s policy to only inquire into a candidate’s criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.
Apply now to have the opportunity to be considered for similar jobs at leading companies in the Seen network for FREE.
Zero stress and one profile that can connect you directly to 1000s of companies.
We’ll take it from there. After you tell us what you’re looking for, we’ll show you off to matches.
Boost your interview skills, map your tech career and seal the deal with 1:1 career coaching.
Join now and be seen.