Contribute to leading-edge security and resilience efforts, advancing protective strategies and propelling continuous improvement.
As a Vice President - Adoption Readiness Assessor within Cybersecurity Technology & Controls, you will contribute significantly to enhancing the firm's cybersecurity or resiliency posture by using industry-standard assessment methodologies and techniques to proactively identify risks and vulnerabilities in people, processes, and technology. Design and deploy risk-driven tests and simulations (or manage a highly-skilled team that does) and inform analysis to clearly outline root-causes. In this role, you will evaluate preventative controls, incident response processes, and detection capabilities, and advise cross-functional teams on security strategy and risk management.
Job responsibilities
- Collaborate closely with cross-functional teams to develop comprehensive assessment reports – including detailed findings, risk assessments, and remediation recommendations – making data-driven decisions that encourage continuous improvement
- Apply this knowledge to enhance the firm's assessment strategy and risk management. Engage with peers and industry groups that share threat intelligence analytics
- Assess and perform IT general control and application control testing; facilitate identification of findings, relevant compensating controls, remediation, validation, and closure of findings within defined timeframes.
- Execute multiple controls adoption readiness assessments.
- Evaluate the functionality of existing and new technology platforms to drive adherence to control standards.
- Track and communicate overall progress of various programs, ensuring complete and timely reporting on program status to senior management stakeholders.
- Ensure quality standards are achieved in development and maintenance of program documentation.
Required qualifications, capabilities, and skills
- 5+ years of experience in cybersecurity concepts, with demonstrated exceptional organizational skills to plan, design, and coordinate the development of offensive security testing, assessments, or simulation exercises
- Knowledge of US financial services sector cybersecurity or resiliency organization practices, operations risk management processes, principles, regulations, threats, risks, and incident response methodologies
- Excellent communication, collaboration, and report writing skills, with the ability to influence and engage stakeholders across various functions and levels
- Working knowledge of IT controls, with experience as a practitioner or lead with a Big Four or top IT consulting firm.
- Working knowledge of information technology and auditing of IT general controls (SOX / SOC 1 / SOC 2).
- Demonstrated experience simultaneously leading multiple ongoing assessments across different groups of stakeholders.
- Proven ability to lead meetings, solve problems to identify solutions to issues, and deliver quality results in a deadline-driven environment.
- Proven ability to work autonomously and independently take initiative to learn new technologies using various resources.
- Proven ability to work effectively in a global team environment and drive results in a complex organization.
Preferred qualifications, capabilities, and skills
- Hold relevant industry certifications – such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Offensive Security Certified Professional (OSCP) – showcasing advanced expertise in cybersecurity and offensive testing methodologies or resiliency
- Familiarity with AI/ML/LLM technology and controls
- Experience with public or private Cloud technologies (Cloud Foundry, AWS, Azure, GCP, etc.) and technology platforms (ServiceNow, Jenkins, SailPoint, etc.)
- Excel and PowerPoint skills.
- Manager level audit experience.