Sr-Cybersecurity-Risk-Exception-Analyst

Dallas, Texas, United States - Remote

Applications have closed

RESPONSIBILITIES

  • Partner with appropriate stakeholders across the Bank to document deviations from Information Technology, Information Security, and business continuity expectations as defined in Policies, Standards and Frameworks
  • Ensures all relevant aspect of the risk exceptions are documented in detail to support the inherent and residual risk determination.
  • Ensure the risk exceptions are approved by the appropriate individuals based on the nature and severity of the risk.
  • Develops and maintains reporting on the status of the program for senior leadership and appropriate oversight committees.
  • Ensures work effort dependencies, assumptions, risks and issues are defined, documented and communicated to the appropriate lead and/ stakeholder.

Requirements

EDUCATION

  • Bachelor's Degree Business, Computer Science, Information Assurance, Management Information Systems or related field

SKILLS

  • 3-8 years in Risk Management, Information Security, IT Audit, or related field.
  • Prior experience in IT and IS Risk Management process for a large firm or bank highly desired.
  • CISA, CISM, CRISC or CISSP certification(s) required
  • MITRE Attack Framework experience a plus
  • Strong written and verbal communication skills for report writing, business requirement proposals, technical policies, and methodology documentation.
  • Sound interpersonal, negotiation, and influencing skills; ability to facilitate discussions around complex issues and bring them to resolution
  • Solid analytical and problem-solving skills coupled with thoroughness and attention to detail is highly desired.
  • Thorough knowledge of banking operational risk management and industry practices.
  • Ability to adjust to rapidly changing security environment, prioritize deliverables and manage workflow.
  • Ability to exercise sound judgment and make effective recommendations to management
  • Ability to optimize and condense information and transform data into easily understandable concepts.
  • Solid understanding of financial industry, risk management, Information Technology and/or Information Security.
  • Knowledgeable in various cybersecurity areas such as: Identity and Access Management, Threat Intelligence, Vulnerability Management, Information Risk and Governance, Security Architecture, Monitoring, Incident Response, Security Strategy, and Cyber - Resiliency.
  • Strong knowledge of NIST CSF highly desired.

Benefits

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Audits Banking CISA CISM CISSP Computer Science CRISC Governance IAM Incident response Monitoring NIST Risk management Security strategy Strategy Threat intelligence Vulnerability management

Regions: Remote/Anywhere North America
Country: United States
Job stats:  18  3  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.