Lead the risk oversight for a suite of security testing capabilities, including SAST, DAST, SCA, container and infrastructure scanning, to ensure comprehensive coverage across the development lifecycle
Partner with engineering leads to prioritize and escalate recommendations for mitigating critical vulnerabilities and configuration compliance gaps
Leverage deep information technology experience to drive effective vulnerability remediation strategies across complex enterprise platforms
Lead the execution of core risk management processes, including Process Level Assessments (PLA), LAUNCH initiatives, and Material Technology and Cybersecurity Changes (MTC)
Collaborate with stakeholders to draft, manage, and validate risk objects from their inception to their closure
Serve as a trusted advisor to stakeholders in the Cyber organization for risk management best practices and enterprise-wide risk frameworks
Influence leaders within Tech, Compliance, Cyber Security, second line risk organizations, and Internal Audit on key cyber risks and actions needed
Collaborate with cross-functional teams to address regulatory responses and internal audit actions related to cyber security controls
Deliver key reporting for technology executives across a wide variety of metrics, KRIs, KPIs and Cybersecurity topics to inform on the organization’s risk posture
Perform high context critical thinking and problem solving to address key challenges as we integrate new security tooling and platforms

Requirements

Bachelor's Degree or military experience
At least 7 years of experience in an information technology or technical risk management
At least 5 years of experience in Risk Management, Process Management, Project Management, or a combination of these
At least 7 years of experience supporting, partnering and interacting with internal and external stakeholders
At least 7 years of information technology experience with a focus on vulnerability remediation and security operations (preferred)
At least 5 years of experience with Vulnerability Management and Security Testing tools (SAST, DAST, SCA, or Configuration Compliance) (preferred)
At least 4 years of Project Management experience leading cross functional projects in Risk (preferred)
Experience with Offensive Cyber Security programs, such as Responsible Disclosure or Bug Bounty programs (preferred)
At least 3 years of experience in the Financial Services industry (preferred)
Risk Certifications (CRISC, CISSP, CISM, CRCM, CIPP, ABA Risk Mgmt Certification) (preferred)
Working functional knowledge of Networking, Cloud Environments, enterprise grade Cybersecurity tooling, and enterprise technology platforms (preferred)

Benefits

Health insurance
401(k) matching
Performance based incentive compensation (including cash bonuses)
Comprehensive and competitive benefits package that supports total well-being

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

SASTDASTSCAvulnerability remediationsecurity operationsRisk ManagementProcess ManagementProject ManagementOffensive Cyber SecurityConfiguration Compliance

Soft Skills

critical thinkingproblem solvingcollaborationstakeholder managementinfluencingcommunication

Certifications

CRISCCISSPCISMCRCMCIPPABA Risk Mgmt Certification