A top American Investment Bank is looking to bring in a Senior Manager of Cyber Risk to join its Enterprise Technology Risk team.
This person will be responsible for providing oversight of the firm's cyber programs, challenging SDLC, Information Security, and DevSecOps standards, and influencing senior management across the firm to ensure adherence to policies and procedures.
The ideal candidate will have 10+ years of experience in Technology/Cyber Risk; a strong background working on DevSecOps programs, SDLC programs, or API security; and the ability to run cyber risk assessments, reviews, and identify key risks and control gaps. The team is also interested in speaking with Cyber SMEs who are interested in moving into a Risk function.
Responsibilities:
- Lead 2nd line oversight activities of the firm's Cyber programs which includes but is not limited to governance, risk identification, remediation plans, risk assessments, etc.
- Challenge the 1st line & the business on Cyber security and architecture risks
- Review & challenge SDLC, InfoSec, DevSecOps standards and offer technical guidance
- Ensure roadmap alignment across Technology and Cyber teams
- Build and maintain relationships with key stakeholders to ensure communication
- Stay up to date on cyber trends across the industry and ensure frameworks are equipped to handle threats
Qualifications
- 10+ years of experience in Technology or Cyber Risk Management or a Tech/Cyber Subject Matter Expert looking to move into a Risk function
- Strong experience running risk assessments, identifying cyber risks & control gaps, and cyber risk reviews
- Experience evaluating DevSecOps programs, SDLC programs, or API security
- Ability to effectively communicate with senior technical and business stakeholders