Cyber Security Specialist

Job Description:

We are seeking an experienced Cyber and Technology Risk and Controls Specialist with a strong background in technology domains and cybersecurity-related risks. The ideal candidate will possess a comprehensive understanding of technology risk governance, risk and compliance principles, and management processes and controls.

Key Responsibilities:

• Risk Assessment: Conduct technology risk assessments on Linux systems, databases, web applications on Cloud platforms (including Azure), IT infrastructure, and security environments.
• Control Implementation: Implement and manage controls in areas such as Change Management, Platform Security, Operational Resilience, Cybersecurity Resilience, Security Monitoring, and Identity and Access Management.
• Regulatory Compliance: Ensure adherence to regulatory requirements related to technology risk governance and management.
• Project Management: Manage multiple projects simultaneously, demonstrating excellent time management skills and the ability to meet target deadlines.
• Agile Methodologies: Apply Agile and Scrum methodologies in project execution.
• Stakeholder Communication: Effectively communicate complex technical concepts to both technical and non-technical stakeholders.

Essential Skills:

• Technical Expertise: In-depth knowledge of databases, operating systems, application security, network security, data security, cloud security, asset security, threat/vulnerability management, and business continuity.
• Risk Assessment Experience: Hands-on experience conducting detailed technology risk assessments, including Business Impact Assessments, Technology Application Controls Assessments, Technology Infrastructure Controls Assessments, and the applicability of security controls.
• Banking Applications: Experience with banking applications and understanding their specific risk and control requirements.
• Analytical Skills: Highly detail-oriented and analytical, with the ability to grasp, analyze, and apply new information in a fast-paced environment.
• Organizational Skills: Highly organized, with the ability to work on multiple projects simultaneously.
• Self-Motivation: Self-starter with the ability to manage business-as-usual workload and projects with minimal direction.

Desirable Skills:

• Tool Proficiency: Experience with ServiceNow (GRC model), Aveksa, CyberArk, Arcsight, and Nessus.
• Certifications: External certifications such as ISO 27001:2013, CISA, CISM, CRISC, etc.

Experience:

• Years of Experience: 8-10 years in cyber and technology risk and controls, with a focus on governance, risk, and compliance.