Description

Qualifications/Experience

  • Ten+ years of experience in Cyber Security, IT Risk and technology risk management areas.
  • Experience leading an effective Cyber Risk Management program and IT Controls Assurance Program
  • Experience working with key Operational Risk processes, loss event management, KRI & KPI production, risk reporting, controls assurance, etc. in a first or second line of defense capacity
  • Implementation experience in ISO certifications and SOC attestations
  • Knowledge of information security standards, particularly ISO 27001 and attestation reports (e.g. SOC 1/2)
  • Knowledge of GRC Platforms, particularly ServiceNow
  • Use or knowledge of ServiceNow Risk Module
  • Understanding of basic Cyber Security and IT concepts, such as networks, vulnerabilities, types of cyber-attacks, etc.
  • Strong stakeholder management skills, including negotiation and influencing, with both technical members of staff and senior executives
  • Ability to multitask and manage competing priorities
  • Excellent time management and organizational skills
  • Excellent interpersonal and conflict management skills
  • Excellent written and verbal communication skills

Skills/Abilities

Certifications

  • CISA/CISM or equivalent
  • Certifications in any of the ISO roles
  • Other IT Technical Certifications

Education

Any Graduate