Cyber Security Officer

Locations: 100% remote but must be in the following states - New Jersey, New York (except NYC), Georgia, Pennsylvania, Florida

Summary:

Our award-winning client in the banking industry is looking to add a Cyber Security Officer for their team.

Responsibilities:

• Cloud Application security program is to drive the adoption of cloud security practices, secure solutions and methodologies, improve the security posture of applications, and streamlining cloud adoption while complying with standards and regulations.

• Perform detailed technology & Cyber risk analysis (using various analytics) and provide an effective second-line challenge

• Collaborate with stakeholders to complete technology and cybersecurity risk assessments, capture all elements of security controls, identify gaps, residual risk and determine risk management plans.

• Work with members of the IT team, vendors and other stakeholders, to coordinate the adoption of security practices and secure solutions and methodologies.

• Improve the security posture of applications, and streamline cloud adoption while complying with standards and regulatory requirements (i.e. NIST, FFIEC, CIS etc.).

• Conduct security strategy, readiness and discovery assessments pertinent to the Bank's technology environment be familiar with security frameworks, compliance requirements and security operations

• Leverage cloud service's native security controls as well as future Cloud Access Security Broker (CASB) platforms to meet security, risk management, regulatory and compliance mandate.

• Establish and maintain cloud access security controls to protect cloud applications using a set of policies aligned with organizational data classification standards and data security standards

• Have granular visibility into what cloud applications or cloud platforms are in use, what information is stored in the cloud, understand how sensitive data is protected in the cloud, and identify the risks exposed to the business.

• Establish processes to identify, track, prioritize and ensure the remediation of vulnerabilities in applications and platforms.

• Perform operational risk management reviews related to third-party vendors ("TPV") including SOC2 reviews and ongoing enhancement of the Bank's TPV program to ensure proper due diligence, risk assessment, and monitoring.

Required Qualifications:

• Bachelor's degree or equivalent in Information Technology, Computer Science, Engineering, or related field

• 7+ years' experience working in Cybersecurity and Information Security Domain

• 3+ years' of demonstrated experience with cybersecurity-related platforms

• Solid understanding of application security vulnerabilities and countermeasures to reduce related risk.

• Experience with enterprise cloud computing platforms including Microsoft Azure, AWS, O365, Salesforce, Service Now, Cisco Cloudlock, etc.

• Experience with several different security postures, and risk profiles

• Experience with design review, threat modeling, and cybersecurity controls

• Knowledge of cloud networking architecture, cloud operations, security, automation, and orchestration as well as regulatory frameworks and standards.

• Technology delivery experience through concept, development, validation, deployment, and support

• Strong technical background in systems and networking

• High level of integrity and sound judgment concerning security, privacy issues, and complex situations.

• Effective, efficient written and verbal communication skills.

• Strong service commitment.

• Excellent planning skills.

• Ability to work as a productive, responsible, self-motivated member and/or leader of a team.

• Ability to work independently and manage time effectively.