Story Behind the Need:
• Business Group: client Cyber Security Operations (CSO) team is responsible for protecting the Bank and responding to cyber threats and events. The Cyber Automation & Defense group within CSO is responsible for assessing, implementing, and administering enterprise security controls to safeguard client’s informational assets and reduce security risk posture.
Candidate Value Proposition:
• The successful candidate will have the opportunity to work within client. We are technology partners who help the business transform how our employees around the world work. You will get to work with and learn from diverse industry leaders, who have hailed from top technology.
Typical Day in Role:
• Reporting to the Senior Manager, Cyber Technology Assessment & Effectiveness, the Senior IS Controls Specialist will work as part of Cyber Automation & Defense (CAD) team
• Analyze security exposures and identify the remedial and compensating factors in the organization’s network.
• Advise on appropriate implementation of compensating controls including priority and success criteria.
• Work with other technology and security teams to implement controls needed to close exposures.
Candidate Requirements/Must-Have skills:
• 5+ years of technical working experience in management of threats and industry
• 5+ years of technical working experience with security controls/mechanisms (or equivalent knowledge)
• You have used industry leading productivity tools to produce quantitative/qualitative reports, data flow diagrams & visual presentations.
• You have understanding of and can apply framework methodology for pattern and behavior-based content development (MITRE ATT&CK, Pyramid of Pain)
• You have built custom reporting of mitigation status against threats
• You have experience involving red team (Vulnerability Assessments, Web app assessments), consulting (Compliance, policy creation), SOC and Device Management
• Spanish speaking is an asset
• Previous exposure to the banking industry/financial services
• Certifications (CISSP, CISM, CCSP, CRISC)
• You have built a security program to defend against APT
• You have sized, deployed, maintained, and hardened SIEM and NGFW solutions
• Excellent written, presentation, and verbal communication skills to be able to work well with technical peers and business stakeholders at different levels within the organization.
• Strong decision making, forward thinking and creative problem-solving skills to anticipate and respond quickly to technological/market influences.
• Ability to work as part of a team, as well as work independently or with minimal direction.
• Post-secondary degree in a technical field such as computer science, computer engineering or related IT field required
Candidate Review & Selection:
• 1st round interview – Hiring Manager & 2 Team Members (45 minutes)
• 2nd round interview – Global Head & 1 Team Member (45 minutes)