Job Description :
Spearhead cutting-edge security strategies and resilience initiatives, shaping the future of cybersecurity.
As an Assessments & Exercises Director in Cybersecurity Technology & Controls, you will lead key efforts to enhance the firm's cybersecurity or resiliency posture. Plan and implement testing engagement to proactively identify risks and vulnerabilities in people, processes, and technology using advanced assessment methodologies and techniques. Spearhead the resolution of the most complex cyber and resiliency risks facing the firm, drawing on your extensive experience in conducting assessments across different systems, networks, and architectures. Your ability to analyze and articulate the inner workings of complex vulnerabilities will enable the firm to enhance its security strategy and mitigate cyber and resiliency risks.
Job responsibilities
- Develop and implement operational plans and strategies that align with broader functional and organizational objectives (such as the needs of the business and regulatory expectations)
- Lead the successful execution of risk-driven testing and simulations - such as penetration tests, technical controls assessments, cyber exercises, or resiliency simulations - and the development of comprehensive assessments reports including actionable recommendations, report to leadership assessment outcomes (including controls effectiveness and operational risk) and escalate thematic trends in observations
- Influence and partner with cross-functional teams to make data-driven decisions that lead to continuous improvement
- Utilize threat intelligence and security research to stay informed about emerging threats, vulnerabilities, industry best practices, and regulations and lead engagement with internal and external stakeholders - including industry peers and government agencies - to share insights and contribute to the development of cybersecurity and resiliency policies
Required qualifications, capabilities, and skills
- Bachelor's Degree in Computer Science, Cybersecurity, Data Science, or related disciplines
- 7+ years of experience in cybersecurity or resiliency, with demonstrated ability to implement complex assessments or exercises collaboratively with diverse stakeholders, subject matter experts, and senior leaders
- Strong understanding of the current threat landscape and resiliency concerns, national and international laws, regulations, policies, and ethics related to cybersecurity or resiliency
- Demonstrated expertise in security assessment methodologies, threat intelligence utilization, control evaluation techniques, or resiliency testing
- Experience developing and presenting briefings to senior leaders and large audiences, in addition to meeting facilitation, conflict resolution, and providing program updates to senior leaders, regulators, and industry groups
Preferred qualifications, capabilities, and skills
- BS/MS degree in Cyberspace, Homeland Security, Emergency Management, Information Assurance, and/or Banking/Finance
- Hold relevant industry certifications - such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Offensive Security Certified Professional (OSCP) - displaying advanced expertise in cybersecurity and offensive testing methodologies or resiliency
- Familiarity with how the operate
- Requiring knowledge of Financial systems eliminates key talent from high tech firms from being relevant.
