Senior Cybersecurity Risk Exception Analyst

JOB DESCRIPTION

• Partner with appropriate stakeholders across the Bank to document deviations from Information Technology, Information Security, and business continuity expectations as defined in Policies, Standards and Frameworks
• Ensures all relevant aspect of the risk exceptions are documented in detail to support the inherent and residual risk determination.
• Ensure the risk exceptions are approved by the appropriate individuals based on the nature and severity of the risk.
• Develops and maintains reporting on the status of the program for senior leadership and appropriate oversight committees.
• Ensures work effort dependencies, assumptions, risks and issues are defined, documented and communicated to the appropriate lead and/ stakeholder.

Requirements

QUALIFICATIONS

• Bachelor's Degree Business, Computer Science, Information Assurance, Management Information Systems or related field
• 7 years in Risk Management, Information Security, IT Audit, or related field.
• Prior experience in IT and IS Risk Management process for a large firm or bank highly desired.
• CISA, CISM, CRISC or CISSP certification(s) required
• MITRE Attack Framework experience a plus
• Strong written and verbal communication skills for report writing, business

Benefits