Total exp: 6+ yrs,
Rel exp: 5 + yrs.
Mandatory skills: CISA, ISO 27001 lead implementation, CRSIC, CISM, Archer, T secuirty risk management, Risk management, threat vulnerability remediation
Job Description:
• Bachelor’s Degree in Computer Science, Information Systems, Business Administration, or other related field preferred
• Possesses prior work experience on CAPs, Remediation Assurance, Servicing Applications with exposure to various technical environments and business segments, and some experience working with Compliance, auditors and regulators
• In-depth experience with desktop software, office automation tools, Archer
• Strong Leadership and innovative skills
• Strong Validation skills as a key catalyst in working as an Action Plan Owner
• Strong Documentation and Project scheduling skills.
• Ability to work on multiple CAPs as both Action Plan Owner and Project Manager and ensuring timely milestone closure.
• Outstanding communication skills and ability to work with large number of stakeholders across Technology, Business and other CAP remediation teams.
• Results-driven with a track record of delivering projects / initiatives against aggressive timelines across a complex and matrixed environment.
• Comfortable in working independently as part of a geographically dispersed team, with a proven decision making ability as an Action Plan Owner.
• An innovator, looking at newapproaches, testing them and not being afraid to “fail fast”.
• A strong understanding of core company processes and platforms.
• Cultural sensitivity working across different markets with different customs of approach.
Key Responsibilities:
• Accountable for the resolution Technology and Business caused OREs and CAPs. Coordinating across App Owners, TRBL, Bank, Compliance, Remediation Assurance, and other teams, and ensure timely closure of all milestones with the required evidence uploaded toArcher.
• Working with various application owners, SRE and Capabilities team to implement enhanced Controls as part of working on CAPs.
• Identify and implement process improvement opportunities and perform cost benefit analysis
• Participates in the development of plans and strategies for information security, service continuity and other risk processes and programs • Supports the implementation of processes and methods for auditing and addressing non-compliance to information security standards and methodologies; facilitate migration of non-compliant environments to compliant environments
• Supports partners to achieve targeted levels of information security, project oversight and controls
• Builds relationships with diverse groups, and leads meetings to gather and document data and information in order to measure and improve the effectiveness of information security activities performed within the company
• Supports the development of information security metrics and criteria
• Direct maintenance of internal documentation library, ensuring that process and other documentation is regularly updated to reflect the latest operational processes and requirements
• Provide technical or analytical guidance as needed for issue management, project assessments, and reporting
• Leads the evaluation of products and/or procedures to improve productivity and effectiveness.
• Leads or prepares materials (reports, presentations, spreadsheets, etc) to enable informed decision-making; guidethe verification of completeness, accuracy and relevance of data gathered.
• Assists in the development, implementation, and governance of processes and initiatives to ensure compliance, cost optimization, and efficiency.
• Provides day-to-day operational management over functional processes and project delivery.
• Act as a mentor to Analysts and those passionate about developing their information security or other domain knowledge.
• Make difficult and timely decisions regarding simple and complex business problems, Accountable for ensuring security.