Risk Analyst/Manager - Cybersecurity
New York, NY
The Firm's Technology & Information Risk (TIR) department Protects Firm information, systems, and associated infrastructure from Cyber and Insider Threats through delivery of the Firm's Cybersecurity Program and Access Management capabilities.
Provides first line of defense technology risk management capabilities Manages responses to regulatory and Client inquiries about the Firm's technology environment Provides expert advice on secure design and development, control effectiveness, and regulatory expectations
Enables proactive, comprehensive, and consistent technology and information-related risk management practices across the Firm
TIR is seeking an experienced Technology Risk professional to join a small team responsible for Strategic Planning. With a focus on continuous process improvement, the Team: Works with Department Leadership to define and maintain Strategic Plans
Develops and delivers the TIR Strategic Planning Training, Awareness, and Communication Plan to build Strategic Plan awareness across the stakeholder community and manage expectations about TIR's opportunities, challenges, and current state
Monitors progress with achieving TIR's strategic goals and objectives and report results regularly to TIR management and other key stakeholders
Defines and implements a Strategic Planning Process that includes appropriate methodologies, templates, and procedures for executing the Process
Demonstrates subject matter expertise within technology risk management and strategic planning disciplines
This position requires regular interaction with TIR senior managers and organizational partners.
Assist with analytical efforts necessary to support Strategic Plan development and maintenance
Acquire a complete understanding of TIR services, processes, and systems
Develop and maintain TIR Strategic Planning Communications Plan
Partner with the TIR Program Management Office (PMO) to monitor progress with Strategic Plans
Draft presentation materials for use in senior leadership meetings
Draft strategic planning communications materials for use across a variety of target audiences and multiple communication channels
Manage all aspects of meetings including calendar coordination, drafting agendas and minutes, and capturing and tracking open actions
Solicits and manages stakeholder feedback
Understanding of: Strategic planning processes, methodologies, and principles' technology risk management processes including technology governance, cyber / information security, business continuity planning, systems development, project management, and supplier management
Strong analytical skills required to execute data collection and analysis responsibilities
Strong communication and interpersonal skills. Ability to work effectively with all levels of the organization and across organizational boundaries. Ability to draft high quality written products that are comprehensive, accurate, and tailored to the audience
Proficient in collaboration technologies including Microsoft sharepoint and JiveStrong organizational skills and an ability to manage multiple demands and changing priorities. Proactive and detail oriented.
Experience working in a highly complex, global financial institution Project management experience
Industry Certification such as
Certified Information Systems Security Professional (CISSP),
Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Information Systems Security Architecture Professional (ISSAP).