*** THIS ROLE IS WITH OUR CLIENT IN THE BANKING INDUSTRY***
Title: Information Security Specialist
Duration: 12 months (with possibility of extension or conversion)
TYPE: Hybrid (2 days a month in NewYork)
MUST HAVE:
- 10+ years of Information security specialist experience
- Experience in managing risk control self-assessments and control gap assessments
- 10+ years of Regulatory experience
- Technology background and comfortable speaking with technologists
- Comfortable dealing with executives and managing directors – experience.
- Controls review and assessment experience.
- Understanding of cloud computing and moving applications to a cloud environment
- Experience in Issues Management process including remediation facilitation
NICE TO HAVE:
- Broker dealer knowledge
- Derivative and prime brokerage experience
- Corporate investment banking experience
- RSA Archer experience
- Tableau experience
- JIRA & Confluence experience
SUMMARY OF DAY-TO-DAY RESPONSIBILITIES
• Define, develop and implement program on applications', in assigned business, compliance to standards and respond to questionnaires adjusting to target audience; serve as key liaison and contact for stakeholder groups
• Provide consultation and advice to partners on a broad range Technology Controls / Information Security programs / policies / standards and incidents including regulatory compliance requirements and reporting
• Conduct project consulting on assessment of risk, definition of required controls, appropriateness of implemented control procedures, vulnerability assessments and any other relevant areas
• Lead or contribute to completion of risk and control design assessments for applications in assigned business, communicate and document impact of control gaps to the business and the overall Bank, risk mitigation, remediation plans, and remediation strategy
• Contribute to the definition, development, and oversight of a global security management strategy and framework.
• Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against clients business.
• Develop on-going Technology Risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area
• Adhere to internal policies / procedures, technology control standards, and applicable regulatory guidelines
• Work collaboratively within Enterprise Protect & Office of the CISO (EP&OCISO), Client Securities and with other key stakeholders, on activities targeting the management of operational risks associated with technology
• Understand the business implications of technology risks and the commensurate security and IT risk strategies associated with these risks; escalating urgent issues in a time appropriate manner
• Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement
• Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.
• Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise
• Define / develop / implement / manage standards, policies, procedures, and solutions that mitigate risk and maximize security, availability of service, efficiency and effectiveness
• Actively manage relationships with other areas of Technology / businesses / corporate and/or control functions and ensure alignment with enterprise and/or regulatory requirements
• Keep abreast of emerging issues, bank policies/standards/processes, trends, and evolving regulatory requirements and assess potential impacts to the Bank
• Participate in business specific / cross-functional / enterprise initiatives as a subject matter expert helping to identify risk / provide guidance
• Identify and recommend opportunities to enhance productivity, effectiveness and operational efficiency
• Establish effective relationships across multiple business and technology partners, program and project managers
• Participate in knowledge transfer within the team and business units
How to Apply: If you are a motivated professional looking to contribute to a leading team, please submit your resume outlining your qualifications and experience relevant to this role. Robertson & the clients we represent, value diversity and are committed to creating an inclusive workplace. We invite all qualified individuals to apply.
Robertson & the clients we represent are equal opportunity employers, committed to diversity and inclusion. Robertson is a certified diverse supplier and actively seeks to foster a representative and inclusive workforce. We welcome applications from all qualified individuals, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, Aboriginal status, or any other legally protected factors. We champion building a diverse and inclusive environment.