Cyber Risk Resume Samples
4.9
(88 votes) for
Cyber Risk Resume Samples
The Guide To Resume Tailoring
Guide the recruiter to the conclusion that you are the best candidate for the cyber risk job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.
Craft your perfect resume by picking job responsibilities written by professional recruiters
Pick from the thousands of curated job responsibilities used by the leading companies
Tailor your resume & cover letter with wording that best fits for each job you apply
Resume Builder
Create a Resume in Minutes with Professional Resume Templates
CHOOSE THE BEST TEMPLATE
- Choose from 15 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS
- Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES
- Instantly download in PDF format or share a custom link.
CP
C Pfannerstill
Cleve
Pfannerstill
79927 Delilah Circles
Detroit
MI
+1 (555) 319 6525
79927 Delilah Circles
Detroit
MI
Phone
p
+1 (555) 319 6525
Experience
Experience
San Francisco, CA
Cyber Risk Services
San Francisco, CA
D'Amore-Reichel
San Francisco, CA
Cyber Risk Services
- Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
- Understand complex business and information technology management processes
- Responsible for planning, scoping, deploying and integrating Privileged Account Security Solutions CyberArk, Dell, Oracle, CA-Xceedium, RSA, Lieberman
- Responsible for rolling out PAM solution with expertise in integrating disparate systems
- Demonstrate a general knowledge of market trends, competitor activities, Deloitte & Touche products and service lines
- Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services
- Participate in and actively support mentoring relationships within practice
San Francisco, CA
Cyber Risk Specialists
San Francisco, CA
Dickinson Group
San Francisco, CA
Cyber Risk Specialists
- Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects
- Execute advanced services and supervise staff in delivering basic services
- Build and nurture positive working relationships with clients with the intention to exceed client expectations
- Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions
- Understand clients' business environment and basic risk management approaches
- Identity & Access Management
- Security Incident & Event Management
present
Detroit, MI
Cyber Risk Management Program Manager
Detroit, MI
Mayer-Zemlak
present
Detroit, MI
Cyber Risk Management Program Manager
present
- Builds and institutes a cyber risk management program to focus cybersecurity investments with guidance from the Cybersecurity Steering Committee
- Creates or implements tools for regular reporting of risk management activities and progress across all areas of information security
- Engages leaders from Technology and the business to understand and prioritize cybersecurity risks through formal risk assessments
- Provides and presents organizational communication and education related to the program. Ensure communications are consistent and coordinated
- Serves as lead and point of contact for all security cyber risk management related activities
- Provides direction to team members assigned to projects and operational activities associated with security cyber risk management
- Provides guidance and coordination for cyber risk management efforts including evaluation, risk management activities and reporting to all levels of the organization
Education
Education
Bachelor’s Degree in Computer Science
Bachelor’s Degree in Computer Science
Seton Hall University
Bachelor’s Degree in Computer Science
Skills
Skills
- Demonstrable track record of strong teamwork and delivery, within and across departmental teams
- Demonstrable competency in performing lessons learnt and root cause analysis for cyber security incidents
- Strong communication skills, both written and verbal
- Strong report writing skills
- Strong influencing and negotiating skills
- Strong analytical and project management skills
- Experience of working with multiple stakeholders of different levels
- Thorough understanding of the cyber threats relevant to financial service companies, and expertise in assessing risk presented by emerging threats
- Cyber security control expertise within complex networks/businesses
- Key specific accountabilities
15 Cyber Risk resume templates
Read our complete resume writing guides
1
Cyber Risk Analyst Resume Examples & Samples
- Strong business communication skills with experience working with and explaining complex technical requirements to non-technical personnel
- Monitors and performs activities related to information security policies, standards, directives and exceptions
- Data Classification - properly classify data according to policy (Restricted/Proprietary, Confidential, Sensitive and Public) and assess risk associated with processing, transmitting, and storing data within each level
- Conduct risk assessment reviews - Assesses, recommends and develops control requirements and solutions to ensure risks and exposures are identified and mitigated. Assessment types include, but are not limited to, application or device assessment, incident triggered assessment, policy or contract review, project assessments, third party/outsourcing assessments, and threat assessments
- Ensure identified risks are documented - clearly and formally document identified risks and work with project managers and business owners to address the risks
- Provides guidance and subject matter expertise regarding Cyber Security Risk Management to business unit liaisons during information security policy management and compliance activities
- Involved in our Enterprise Security Vulnerability Management Program - on going monitoring, tracking and vulnerability assessments
- Creates and delivers ongoing reporting and metrics associated with the policy and exceptions program as well as with related IT controls work (e.g. Sarbanes Oxley, PCI, HIPAA, etc.)
- Participate in our Security Awareness Program - provide creative thinking and security knowledge to foster retainable security training material for the enterprise
- Maintain an awareness of existing and proposed security standards, state and federal legislation and regulations pertaining to information security
- Develops and maintains group relationships in support of policy development and governance activities
- Provide assistance to other Risk team members - assist the team members and provide backup coverage as needed
- Work with outside vendors, regulators and internal auditors
- Perform all other Risk related duties as assigned
- Technical knowledge in the security arena
- Strong knowledge of Information Security and best practices
- Knowledge of Risk Management tools
- Experience working with PMO and PM's
- Experience facilitating risk identification sessions
- Knowledge of encryption practices
- Broad technology skills in networking, operating systems, applications and databases
- In depth knowledge of network technologies to include wireless and mobile platforms
- Ability to assess risks and form mitigation alternatives in defining compensating controls
- Superior problem solving abilities - ability to comprehend complex technical topics quickly
- Ability to discuss complex topics with both technical and non-technical personnel
- Desire to participate and be accountable to a team atmosphere - act as a team member within a group of information security risk professionals
- Administer 100 % Total Customer Service Satisfaction
- Must be familiar with computer applications (such as MS Office Suite, MS Visio2003 MS Project)
- A Valid Driver's License
2
Data Protection Cyber Risk Manager Resume Examples & Samples
- Focusing on establishing secure configuration and management of cyber controls
- Define Cyber controls (standards) for core platforms understanding the complex and diverse nature of JPMC. These controls must be implementable and measurable from a compliance perspective
- Contribute toward an execution strategy that focuses on embedding security controls into existing practices to enhance effectiveness. Success will be measured by the comprehensiveness of associated standards/procedures
- Participate in cross LOB working groups to review and approve proposed architecture and support presentations to various leadership groups for final approval
- Update applicable standards and procedures translating security requirements into easily understood controls
- Maintain a deep understanding of the core discipline(s) for which you support (SME)
- Ensure that ancillary processes (3rd party risk, assessments, etc) accurately reflect control requirements
- 3-5 years of experience in with corporate IT cryptographic solutions
- Working experience with cryptographic solutions (including authentication, encryption, hashing, tokenization & signing) across application, backup, database, endpoint device, email, file, network, removable media and storage domains. It is desired to have worked with vendor based implementations such as Cloud-based, Cisco, EMC, IBM, Microsoft, Oracle, RSA, Sybase, Voltage, Vormetric, Secure Islands, Titus, etc
- Working experience with key management (KMIP and PKCS#11), distribution and administration (user and machine based)
- BS degree in Computer Science, Computer Engineering, or Applied Mathematics required
- Direct involvement in cryptographic and key management programs
- Supporting cryptographic strategy, policies, standards and compliance procedures
- Solid understanding of security, encryption, authentication, key management, and applied cryptography
- Supporting security architectures involved with authentication, authorization and cybersecurity
- Knowledge of cryptographic algorithms, protocols, implementation and standards (e.g., AES, AES Modes: CTR; CBC; FPE; etc., DES/TDES, DH, DNSSEC, ECC, IBE, Kerberos, IPSec, MD5, OpenSSL, RSA, SHA*, SSL/TLS and ANSI, IETF, NIST, FIPS, PKCS, PKI)
- Understanding of country based legal and regulatory requirements for cryptography, information confidentiality, and privacy
- Digital rights management and data classification
- Excellent written and verbal communication skills, including the ability to independently and effectively participate in strategic discussions / meetings with peers across the firm
3
Senior Mgr, Cyber Risk & Infrastructure Resume Examples & Samples
- Able to create challenging roles and responsibility to build organizational capability and fill gaps
- Influence the information security policy governance process; make recommendations for new policies or changes to existing policies based on regulatory and risk trends
- Interact with Internal Controls Compliance department, Internal and External Audit during scoping, planning, execution and follow-up of internal controls testing and audits for regulatory compliance
- Manage a diverse group to produce results within budget and acceptable timeframes
- Participate in monthly budget reviews of capital and operational expenditures. Plan and execute spending according to budgetary guidance
4
Cyber Risk Manager Resume Examples & Samples
- Partner closely with the CTO organization to perform cyber risk assessments of business process and platforms
- Influence the technology agenda and roadmap commensurate with business prioritized risk reduction
- Identify Cyber training and awareness requirements across the business
- Role will include close partnership with Corporate Security functions to ensure the Treasury Services business is well informed of the changing threat landscape and also influencing the delivery of shared services to meet requirements and business priorities
- Over ten years’ of overall IT experience with a minimum of 5 years’ extensive experience within the Information Security and Cyber risk management discipline
- 5 years’ experience supplemented with industry recognized training and certification in Cyber Risk and Cyber Controls. (examples including CISM, CISSP, NIST)
- A proven track record of taking the Cyber agenda to the Business and Technology community both in terms of risk and mitigating controls
- Role will require candidate to combine subject matter expertise with very strong inter personal skills, strong influencing skills and articulate in engaging with senior stakeholders to influence strategy and roadmaps
5
Advisory Manager Risk Cyber Risk Services Attack & Penetration Resume Examples & Samples
- Unix, NT, networking and wireless security, or TCP/IP networking
- Programming languages such as Java, C, C++, C#, asp, and .NET
- Manual attack and penetration testing above and beyond running automated tools
- Application development including developing custom scripts or programs (used for port scanning and vulnerability identification)
6
Advisory Manager Cyber Risk Services Data Privacy & Protection Resume Examples & Samples
- Advisory consulting, a professional services role or industry experience
- General security concepts and methods including vulnerability assessments, privacy assessments, intrusion detection, incident response, security policy creation, enterprise security strategies, architectures and governance
- Regulatory requirements and compliance issues affecting clients related to privacy and data protection, such as GLBA, Basel II, EU Data Protection Directive, International Cross Border, and U.S. State Data Privacy Laws; and
- Technical architecture, including integrating data protection software into clients' infrastructure; network architecture design, and implementation and administration
7
Advisory Manager Risk Cyber Risk Services Cyber Threat Management Vulnerability ID Resume Examples & Samples
- Programming languages such as Java, C, C++, C#, asp, or .NET
- Manual attack and penetration testing including running automated tools
- Application development including developing custom scripts or programs (used for port scanning and vulnerability identification); and
- Working with web-based application vulnerabilities
8
Deloitte, Senior Manager, Cyber Risk Resume Examples & Samples
- Building and developing long terms relationships with senior stakeholders across the market including with our client organisations
- Attracting world-class talent to Deloitte and further develop and mentor our people
- To have a broader perspective of potential issues encountered when managing diverse teams and the strategies to overcome them; have a clear understanding of the firm’s commitment to creating a more inclusive culture
- A broad range of cyber experience, likely including experience across a number of areas such as certifications (such as ISO27001 or SOC2), advanced threat readiness and protection, application protection, identity and access management, incident response, information privacy and protection, cyber risk analytics, vulnerability management, war gaming
- Excellent communication skills and the ability to communicate highly complex concepts effectively both written and verbal, appropriately tailored to people from a very wide range of cultures, technical backgrounds and seniorities
- Strong market reputation, broad network and demonstrable contribution to the cyber community
- Strong academics, including a minimum of 2.1 degree or equivalent experience and qualifications
9
Cyber Risk Services Sales Executive Resume Examples & Samples
- Building relationships with key executives to generate, develop and pursue leads and close sales
- Driving targeting efforts
- Developing and implementing direct sales campaigns
- Assisting practitioners with qualifying and winning opportunities
10
Cyber Risk Specialists Resume Examples & Samples
- Cyber Risk Strategy
- Cyber Security Architecture
- Identity & Access Management
- Security Incident & Event Management
- Threat Intelligence & Modeling
- Cyber Risk Cloud
- IT Risk Management
- Governance, Risk & Compliance
- Data Protection, Privacy
- Application Integrity
- Cyber Threat Management
- Information Security design
- Network and Infrastructure Security
- Prior Big 4 or other consulting experience
- Undergraduate degree as a minimum
- CISSP, CISM, CISA or equivalent certification is desired
- 5+ years’ work experience with at least one of the Cyber Risk specialties
- Experience developing management strategies, architectures and implementation plans
- Experience writing proposal, statement of work and developing pricing models
- Understanding of current regulatory environment and related implications
- Strong oral and written communications skills
- Open to travel requirements - Monday - Thursday
11
Cyber Risk-senior Manager Resume Examples & Samples
- Business Development: Develop and maintain contact with top decision makers at key clients; organize and lead pursuit teams and develop pursuit strategies; lead the proposal development process; contribute to the development of proposal pricing strategies
- Client Management: Develop and sustain relationships with clients' executives and senior management
- Engagement Management: Lead engagement planning and budgeting; mobilize and manage engagement teams; define deliverable structure and content; facilitate buy-in of proposed solutions from top management levels at the client; direct on-time, quality delivery of work products; manage engagement economics; manage engagement risk
- Practice Development & Eminence: Make meaningful contributions to the development of new and improved industry based solutions and methodologies to grow the practice. Participate in state government industry forums and group groups and make meaningful contributions
- Demonstrate knowledge in one or more of the following information security domains, including
- Supervisory experience and demonstrated leadership capabilities required
- Prior Big 4 or other relevant consulting experience required
12
Risk Advisory Cyber Risk Services Resume Examples & Samples
- We offer you a varied and challenging role in a fast growing company
- Your role will involve providing advisory services to clients in areas related to security, privacy and resilience
- Playing an important role in our project teams
- Given our customer base, our projects have a strong international flavour and offer you the chance to be self-motivated and creative
- As a member of our highly motivated, multicultural team, you can expect new challenges every day
- Bachelor or Master Degree from a university or technical college in information technology, engineering or computer science
- 2-4 years' experience in the field of information security and management of projects
- Good understanding in some of the following areas: information security, management systems (ISMS), identity and access management, privacy and data protection, application security, server security and threat & vulnerability management
- Certifications such as CISSP, CISM, CISA, PRINCE2 and ITIL are advantageous and a good understanding of security relevant industry standards such as ISO 2700x series, COBIT, ITIL, SOGP, PCI DSS
- You communicate confidently in English. Any further languages would be an advantage
13
Risk Advisory Cyber Risk Services Resume Examples & Samples
- You will be taking a leadership position within a high performance team
- 8 years' experience in the field of information security consulting in a Big4 or similar environment
- Deep subject matter expertise in one or more of the following areas: information security, management systems (ISMS), identity and access management, privacy and data protection, application security, server security and threat & vulnerability management
- Certifications such as CISSP, CISM, CISA, PRINCE2 and ITIL
14
Deloitte, Manager, Cyber Risk Resume Examples & Samples
- Working with the Cyber leads in Risk Advisory and other specialist areas, such as our cyber technology consulting specialists, to develop and implement existing and new market propositions across a number of industries
- Delivering a portfolio of cyber-related engagements across our business, including effective people management on client engagements and working seamlessly and collaboratively with colleagues in other parts of the organisation and globe
- Building and developing long terms relationships with senior cyber professionals and other relevant stakeholders across our client organisations; and
- Acting as a role model - helping to recruit, develop and mentor world-class consultants and senior consultants
- A broad range of cyber experience, likely including one or more of providing organisational certifications (such as ISO27001 or SOC2), advanced threat readiness and protection, application protection, identity and access management, incident response, information privacy and protection, cyber risk analytics, vulnerability management, war gaming
- Strong commercial awareness and business acumen, including specifically a good understanding of cyber risk to both business processes and supporting technology and mechanisms to measure and manage that risk
- Strong interpersonal skills and experience of developing strong relationships and significant influencing abilities, either as a consultant within an organisation
- A demonstrable ability to solve complex problems objectively, using an appropriate combination of analysis, experience and judgement
- A passion for delivery of high quality complex projects including effective programme, project, financial and people management
- Strong academics, including a minimum of 2.1 degree or equivalent experience; and
- Relevant cyber qualifications, for example M.Inst.ISP, CISSP and similar
15
Cyber Risk-senior Manager Resume Examples & Samples
- Experience working in or serving companies in the Energy and Resources industry
- CISSP, CISM, or CISA certification preferred
- Prior Big 4 or other relevant consulting experience
16
Cyber Risk, Data Privacy Resume Examples & Samples
- Assist clients with identifying gaps within existing privacy programs and designing solutions to address those challenges
- Be up to date on industry trends around data privacy and cyber risk practices
- Understanding of how strategic business requirements align with privacy and security requirements. This includes a thorough understanding of how privacy relates to business drivers, legal requirements, marketing functions, technical / security controls, and organizational operational risk tolerance
- Experience performing surveys and inventories across regional and global distributed organizations; including application, database and policy inventories a plus
- Experience building privacy requirements frameworks / matrices and performing audits of networks, operating systems and applications for privacy a requirements
- Experience performing privacy and/or security gap assessments and producing executive management reports on current practices that expose an organization to privacy and/or security risks
17
Cyber Risk Services Resume Examples & Samples
- Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
- Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects
- Responsible for planning, scoping, deploying and integrating Privileged Account Security Solutions CyberArk, Dell, Oracle, CA-Xceedium, RSA, Lieberman
- Responsible for rolling out PAM solution with expertise in integrating disparate systems
- Understand clients' business environment and basic risk management approaches
- Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services
- BA/BS Degree in Business Administration, Computer Science, Engineering, Accounting or Information Systems
- 3-5 plus years’ experience in developing, implementing or architecting information systems
- 1-3 plus Technical architecture experience integrating identity management, access management and access governance software into clients' infrastructure and applications
- Experience developing identity management strategies, architectures and implementation plans
- Experience leading business requirements gathering and translating those into system requirements
- Experience developing identity management governance plans
18
Cyber Risk-grc Technical Architect Resume Examples & Samples
- Understanding of how strategic business requirements align with privacy and security requirements. This includes a thorough understanding of how privacy relates to business drivers, technical implications, legal, marketing as well as security functions in an organization
- Experience performing risk assessments, using risk assessment software or developing risk assessment tools at the enterprise level. Experience performing surveys and inventories across globally distributed organizations; including application, database and policy inventories a plus
- Experience performing security and/or privacy gap assessments and producing executive management reports on current practices that expose an organization to privacy and/or security risks. Experience with an organization's privacy and security due diligence efforts when entering into third party relationships or M&A activities a plus
- Strong experience in defining business and functional requirements and working with technology teams to support these requirements through automation using GRC software that includes, but is not limited to Archer, BWise, OpenPages and Agiliance
19
Cyber Risk Services Resume Examples & Samples
- BA/BS Degree in Business Administration, Computer Science, Engineering, Accounting or Information Systems or minimum of 5 years of Identity & Access Management experience with IBM Identity and Access Manager products
- 4-7 plus years’ experience in developing, implementing or architecting information systems
- 2-5 plus years’ of Technical architecture experience integrating identity management, access management and access governance software into clients' infrastructure and applications
- ‘Identity Management’ expertise in the following areas
- Master’s degree in Computer Science, Information Technology, or related field and minimum 5 years of experience in information technology
- MBA added advantage
- 2-5 years’ experience with large, complex implementations in the Public Sector
- Familiarity with: major operating systems such as Microsoft Windows and Unix
- Experience in IBM directory and IBM DB2 database
- Optimizing systems and processes to support delivery of IT services using ITIL methodology
- Working knowledge and experience with IBM websphere
- Certifications such as CISSP, CISM, or CISA
20
Cyber Risk Data Protection Architect Resume Examples & Samples
- Advise clients in understanding the future state problems and challenges in cyber security and work collaboratively with them to enhance capabilities
- Contribute to Deloitte’s thought leadership in client organizations and external market place
- Be up to date on industry trends around cyber risk and data protection practices
- Understanding of the entire ecosystem of data protection including well-rounded understanding of the information security domains and their inter-relations across that ecosystem
- Strong domain expertise, implementation and/or integration skills in two to four or more (depending on years of experience) of following areas
- Data classification and inventory programs including the use of data discovery tools
- Technology asset and configuration management
- Baseline configurations, patch and vulnerability management programs
- Public key infrastructure (PKI)
- Data loss prevention (DLP)
- Database activity monitoring
- Multi-factor authentication
- Privileged access management and monitoring
- Network security (segmentation, firewalls, DNS, DHCP, etc.)
- DBA experience with database technologies such as Oracle and Microsoft SQL
- Understanding of key industry and regulatory requirements such as PCI, HIPAA, NIST Cyber Security Framework, NERC, or FFIEC requirements
- Previous experience with attack and penetration testing and/or cyber incident response a plus
- Technical skills including scripting - Python/JAVA/ASP/C#, Coding frameworks is a plus
- Problem solving and critical thinking skills
- Working collaboratively with clients to design and implement process and technology solutions
- Able to build solid, trust - based relationships with stakeholders
- Capacity to embrace change and quickly adapt to new situations, changes in direction, and altering priorities
- CISSP, or equivalent certification desired
- Demonstrated problem solving, critical thinking and logical structuring skills
21
Risk Advisory Cyber Risk Services, Manager Resume Examples & Samples
- Bachelor or Master Degree from a university or technical college in information security, computer science, engineering, physics, mathematics or similar field
- 5 years' experience in the field of information security field and management of projects with a good understanding of security relevant industry standards such as ISO 2700x series, COBIT, ITIL, SOGP, PCI DSS
- Subject matter expertise in one or more of the following areas: information security, management systems (ISMS), identity and access management, privacy and data protection, application security, server security and threat & vulnerability management
- Certifications such as CISSP, CISM, CISA, PRINCE2 and ITIL as well as technical certifications in solutions such as DLP, SIEM and penetration testing are advantageous
- You communicate confidently in German and English. Any further languages would be an advantage
22
Cyber Risk Data Privacy Specialist Resume Examples & Samples
- Assist clients in designing, deploying and managing repeatable strategic solutions for the management of data privacy
- Support clients with the identification, development and implementation of technological and organizational controls to support the privacy program
- Advise clients in global trends relating to data privacy requirements and work collaboratively with them to enhance capabilities
- Operate as a subject matter specialist
- Understanding of mechanisms to comply with cross-border transfer requirements, such as Safe Harbor, model contracts, binding corporate rules, and similar regulatory requirements
- Experience with an organization's privacy and security due diligence efforts when entering into third party relationships or M&A activities a plus
- Demonstrated ability to identify and address internal and external client needs, including
23
Cyber Risk Technical Resilience Senior Consultant Resume Examples & Samples
- 3+ years IT experience
- Experience with large enterprise recovery solutions
- Awareness of technological and program advancements in resilience
- Strong communication skills: written/documentation, oral, listening, presentation
- Strong interpersonal & leadership skills
- Strong analytical/assessment capability (e.g., conducting gap analyses, risk assessments)
- Ability to leverage and maximize relationships for opportunity development
24
Cyber Risk-services Resume Examples & Samples
- Assist clients in developing cloud security strategies to solve unique cyber risk issues/problems
- Assist clients to conduct cloud security readiness assessments and analysis of prospective Cloud platforms/environments
- Assist in the selection and tailoring of approaches, methods and tools to support Cloud platform adoption
- Design and develop Cloud specific security policies, standards and procedures e.g., account management, password/key management, to vulnerability/threat assessment
- Execute on Cloud security engagements across the lifecycle – strategy, design, implementation and operations
- Be up to date on industry trends around cyber risks and Cloud security
- 10+ years information security and controls experience
- Experience working in or serving companies in the Financial Services industry
- BA/BS in information technology, business administration, or related field preferred
- Experience developing new business and meeting revenue targets required
25
Deloitte, Senior Consultant, Cyber Risk Resume Examples & Samples
- Delivering cyber-related engagements with our clients, including effective people management and working seamlessly and collaboratively with colleagues and clients
- Building and developing long term relationships with across Deloitte and our clients; and
- Contributing to the creation of new Cyber related services and the development of existing services
- Strong commercial awareness and business acumen, including specifically a good understanding of business processes and/or supporting technology
- Excellent interpersonal skills and experience of developing strong relationships, either as a consultant or within an organisation
- Able to solve complex problems objectively individually and as part of a team
- Contribute to the delivery of high quality, complex projects including effective programme, project, financial and people management; and
- Excellent verbal and written communication skills and the ability to tailor communications to people from a wide range of backgrounds and seniorities
- Relevant qualifications, for example A.Inst.ISP, CISSP, CISA or similar
26
Cyber Risk Senior Manager Resume Examples & Samples
- 10+ years of experience in cybersecurity, security operations center, information assurance, information security, enterprise risk management, technical analysis, or a combination thereof
- 7+ years of program management, business development, capture management, and proposal writing experience are required
- 7+ years of cybersecurity/information assurance/risk management experience in a team-lead or supervisory role
- 7+ years of experience in Federal Information Security Management Act (FISMA) Authorization and Accreditation (A&A) /Certification and Accreditation (C&A)
- Commercial Financial Services experience
- Ability to work with multiple teams - e.g., customers, vendors, other Deloitte functions, other government organizations, etc
- Exceptional technical writing skills and attention to detail
- Ability to perform quality assurance and create the highest quality customer deliverables with little or no supervision
- Skilled in PowerPoint, Word, Excel, Visio, Project
- Experience interfacing with and briefing senior military officers or senior government executives
- Experience with systems engineering discipline
- Ability to actively lead and manage project update briefings, working sessions and stakeholder meetings
- Strong knowledge of U.S. Federal and commercial information security program management
27
Cyber Risk Services Resume Examples & Samples
- Demonstrate advanced understanding of business processes and cyber risk management in two or more areas such as
- IT strategy
- IT program management
- Cyber security
- Service delivery and operations
- Third party management
- Data management
- Application management/SDLC
- Service continuity management
- Operate across both technical and management leadership capacities
- BA/BS in information technology, cyber security, information management, information sciences business administration, or related field preferred
- CISSP, CISM, or CISA certification a plus
- Prior Big 4 consulting or other consulting experience desired
- Willingness to travel weekly or as needed based on customer location and new client acquisitions. Typical travel on a weekly bases is 80% (Mon - Thurs)
28
Cyber Risk Technical Resilience Manager Resume Examples & Samples
- 3+ years dedicated disaster recovery/business continuity experience
- Experience with data replication services such as tape-based backup, synchronous and asynchronous replication, SAN or database replication
- Excellent communication skills: written, documentation, oral, listening, presentation
- Strong program management skills: Project Management, Contract Management, Resource Management, Conflict Resolution
- Self-starter. Ability to perform quality assurance and create first-class client deliverables with minimal supervision
- Demonstrated client & industry thought leadership
29
Associate, Cyber Risk Resume Examples & Samples
- Analyzing vulnerability data for trends and develop actionable metrics to drive remediation behavior
- Facilitating regulatory compliance initiatives and requirements between Cyber Risk and Regulatory Compliance teams
- Tracking, Reporting, and escalating on Risk Issues monthly, sending out notifications and reminders as necessary
- Collecting, reviewing, and validating that remediation plans were effective in addressing identified issues
- Coordinating with external vendors for penetration testing activities
- Generating a monthly metrics package to be distributed to Senior Management
- Bachelor's Degree in Business Administration, Information Systems; or equivalent work experience
- Effective organizational skills including attention to detail and the ability to drive change
- Ability to multitask and prioritize work assignments in a time sensitive environment
30
Cyber Risk Analyst Pipeline Resume Examples & Samples
- Assessing cybersecurity risk, designing and guiding organizations through implementation of sound risk management practice, and helping to prioritize and plan efforts to mitigate cybersecurity deficiencies
- Providing program management best practices
- Technical aspects of security architecture, security tools, security control measures, etc
- Designing Security Education and Training programs and clearly communicating complex security issues to students who have a wide range of technical understanding
- Assessing and writing sound information security policies and procedures
- Guiding private sector and public sector organizations into achieving compliance with required standards and implementing due diligence/due care principles
- 5+ years experience in a cybersecurity related occupation to include a strong risk management background and program management experience
- Ability to obtain a Security certification such as CISSP, CISM, CEH, etc within 6 months of start date
- Ability to travel as projects demand
- Ability to obtain a Secret clearance
- Active Security clearance
- Current security certification such as CISSP, CISM, CEH, etc
- Experience in Cybersecurity in the Private Sector, National Security, or Federal Government arenas
31
Cyber Risk Analyst Resume Examples & Samples
- Conduct high risk and sensitive application assessments of internally and externally hosted applications globally according to scope defined by the management team
- Web application penetration testing with track record of end to end testing of complex systems
- Pro-actively research and Identify network and system vulnerabilities and provide recommended counter measures or mitigating controls to reduce risk to an acceptable and manageable level
- Reviews results of network and application assessments in order to determine severity of findings and to ensure proper remediation is applied
- Provide accurate and timely reporting of findings and proposed remediation and mitigations
- Technical support could include but not limited to the following: (1) Audit support & remediation, (2) Process Improvement, (3) Analysis & Reporting, (4) Cross Divisional Functional education, training and awareness, (5) Function/Methodology/Strategy advancement
- Daily project coordination of assigned accounts to maintain a 95% on-time activity execution rate
- Schedule and conduct vulnerability assessments
- Create and present assessment reports to client stakeholders, helping the stakeholders to understand the risks outlined in the reports; answer questions about the findings, and suggest mitigation strategies to reduce the vulnerabilities and risk to the enterprise environment
- Be an active continual learner in the security field and be flexible as the security program evolves
- Participate in and/or lead internal projects and deliverables as assigned/designated by management
- 6 – 8 years of experience in a dedicated threat and vulnerability security position, with a concentration in web application penetration testing and end-to-end vulnerability management
- The ability to travel 25% - 30%
- Experience with security tools & frameworks like Metasploit, Burp Suite, Kali, and Canvas etc
- Knowledge of vulnerability remediation practices
- Understand cyber security threat vectors and threat impact
- Solid understanding of TCP/IP and related concepts
- Solid understanding of cybersecurity methodologies
- Understanding of web application and network vulnerabilities including OWASP, Top 10, and SANS Top 25
- Understanding of common cybersecurity compliance frameworks (ISO, NIST, CSC Top 20)
- Experience in working in multidisciplinary, high-performance teams/groups
- Ability to develop practical and workable solutions for clients’ technical and business problems
- Ability to excel in a fast-paced environment while working under pressure
- Work with minimal supervision as an individual contributor and as part of the team
- Strong analytical and time management skills
- Bachelor’s Degree or higher preferred
- Fortune 500 experience
- QualysGuard Administration, Splunk, RSA Archer, Intelligence Platform gathering
- Knowledge of Vulnerability Remediation practices
- Industry certifications such as CISSP, CCNA, CCNP, MCSE, TICSA, HISP, GSEC, SANS GIAC, ISACA, ISSA, Security +, or vendor specific (Qualys, Juniper, etc)
- Experience with Security Industry standards such as ISO/IEC 27001/27002, NIST 800 Series, and CSC top 20
- Understanding of risk methodologies
32
Senior Manager IT & Cyber Risk Resume Examples & Samples
- Highly developed influencing, negotiating and problem solving skills; Ability to engage, support and challenge at Head of Function & Director level and build strong and effective working relationships
- Thorough knowledge of Group IT and Cyber Risk complexities impacting the business
- Excellent Stakeholder management skills at various levels and personal integrity and ability to foster collaborative teamwork and take leadership at all levels of an organisation
- Extensive experience of having operated at a senior level within an IT and Cyber Risk environment
- Proven change leadership capability, with expertise in managing conflicting priorities, identifying innovative solutions and delivering quality outcomes
- Able to provide constructive challenge to the business and ensure risks associated with IT and Cyber are appropriately addressed
33
Information & Cyber Risk Manager Resume Examples & Samples
- Provision of subject matter expertise (SME) on matters relating to information and cyber risk management
- Lead the provision of information risk management SME advice and guidance to key stakeholders across the Functions including multiple senior Managing Directors and Directors
- Leading investigations, incidents and exceptions to address information risk management matters
- As a key part of the Governance and Control management team support the implementation of an agenda of consistency, effectiveness and efficiency for Information and cyber risk management across the company
- Understanding of the information or cyber risk issues that are relevant to our business and financial services more widely
- Experience of working within information security, including infrastructure security architectures and configurations, application/database security, encryption mechanisms, logical data/information storage techniques, data management and mobile technologies
- Experience of building and maintaining effective relationships at a senior level
- Resilience, able to influence senior management when dealing with complex and competing objectives
- Strong and successful matrix management experience would be beneficial
- Understanding of relevant regulatory environment
- Information or Cyber Risk background,
- Experience of working within information or cyber risk field, including systems audit or internal controls, preferably in the financial sector
- Relevant privacy/information risk qualifications e.g. CISA, CISSP, CISM
34
Information & Cyber Risk Analyst Resume Examples & Samples
- Assessment of information and cyber risks associated with technology projects, solutions and changes
- Lead the provision of INFORMATION RISK MANAGEMENT SME advice and guidance to key stakeholders across the Functions including multiple senior Managing Directors and Directors
- Leading investigations, incidents and exceptions to address INFORMATION RISK MANAGEMENT matters
- Experience of working within information and cyber risk field, including systems audit or internal controls, preferably in the financial sector
- Understanding of the information or cyber risk issues that are relevant to our business and financial services more widely would be beneficial
- Knowledge on information security, including infrastructure security architectures and configurations, application/database security, encryption mechanisms, logical data/information storage techniques, data management or mobile technologies. Knowledge on more than one area would be beneficial
- Experience of building and maintaining effective relationships with stakeholders would be beneficial
- Strong analytical and project management skills would be beneficial
- Influencing and negotiating skills would be beneficial
- Understanding of relevant regulatory environment would be beneficial
- Strong academic background, educated to degree level or equivalent experience
- Relevant privacy/information risk qualifications e.g. CISA, CISSP, CISM would be beneficial
- Experience of COBIT, ISO27001, ISF/IRAM, DAMA and other relevant frameworks
- Information risk / operational risk, especially in relation:-
35
Cyber Risk Resume Examples & Samples
- Cyber security control expertise within complex networks/businesses
- Thorough understanding of the cyber threats relevant to financial service companies, and expertise in assessing risk presented by emerging threats
- Demonstrable competency in performing lessons learnt and root cause analysis for cyber security incidents
- Experience of working within Cyber Risk field, including audit or internal controls, preferably in the financial sector
- Demonstrable track record of strong teamwork and delivery, within and across departmental teams
- Experience of working with multiple stakeholders of different levels
- Strong report writing skills
- Strong influencing and negotiating skills
- English essential (written and spoken)
- Educated to degree level or equivalent work experience
- Depth of knowledge of key areas in Cyber Risk, including vulnerability and threat management (identification, assessment , monitoring and mitigation), network security, application and infrastructure DDoS, software security, exploit mitigation controls and IT infrastructure
- Extensive knowledge and experience in the following – Cyber Security, Cyber incident/threat management, risk management and root cause analysis
- Obtained or perusing professional certification such as CISSP, CISM, CRISC, CISA, etc
- Knowledge of banking regulatory environment
36
Cyber Risk Program Manager Resume Examples & Samples
- Experience facilitating business process design as it relates to managing identities and access privileges
- Understanding of current regulatory environment and related implications to identity management and security/audit compliance
- 3-5 plus years’ experience in developing or implementing information systems
- 1-3 plus Technical architecture experience integrating identity management, access management and access governance software into clients infrastructure and applications for interactions with citizens or customers
- Enterprise Directory Architecture and Design including directory schema, namespace and replication topology experience
- Experience managing projects through the full system development lifecycle
- Familiarity with federated identity and web services security concepts such as SAML, Liberty ID-FF and ID-WSF, WS-Federation, OpenID, OAuth and WS-Security
- Familiarity with tools such as IBM WebSphere
- Experience with one or more directories such as IBM Directory Server
- Experience with one or more databases such as Oracle, IBM DB2 and MS SQL
- Familiarity with: major operating systems such as Microsoft Windows and Unix; mainframe security packages such as TopSecret, ACF2 and RACF; and/or leading packaged application solutions for ERP systems, Active Directory, Exchange, CRM systems or portals
37
Cyber Risk Senior Manager Resume Examples & Samples
- 10+ years of Cyber Security experience in Federal government in at least one or more of the following areas: Computer Network Defense, Security Controls, Identity and Access Management, Privacy and Data Protection, Cyber Analytics, Cyber Security Architecture, SOC, Incident Response, Disaster Recovery, Cyber Threat, and Vulnerability Management
- Experience delivering professional services to the National Security and Intelligence Community Customers
- Demonstrate knowledge in one or more of the mentioned information security domains
- Expert knowledge of Federal government guidance and security industry standards (ISO 17799, NIST 800 series, etc.)
- Supervisory experience and demonstrated leadership capabilities
- CISSP, CISM, or CISA certification
- Prior business development, marketing, or sales experience
- Active Top Secret clearance preferred
38
Cyber Risk Incident Management Senior Associate Resume Examples & Samples
- Promote and implement procedures for use of specific technologies and protocols in the preservation, collection, and analysis of digital evidence during an incident response
- Coordinate people and technology resources, assemble project teams, identify and assign resources, and determine project scope and deliverables
- Communicate (verbally and in writing) externally with clients and internally with all levels of the organization to successfully accomplish objectives portraying knowledge and confidence
- Perform a variety of digital forensic services including (but not limited to) digital evidence preservation, forensic analysis, data recovery, network forensics, malware analysis, electronic mail extraction, and database examination
- Analyze and interpret computer-based evidence such as log files, threat intelligence feeds, SIEM outputs, e-mail, accounting data, various database extracts, and other information stored on electronic devices to develop information necessary to meet the objectives of the engagement
- Assist practice leadership in creating proposals, budgets, and work plans. Participate in other business development activities as appropriate
- Perform all activities in a manner sufficient to meet the legal requirements for admissibility of evidence including maintaining chain-of-custody
- Assess, troubleshoot and resolve a variety of technical issues
- Provide digital forensic advisory services to other Grant Thornton professionals to enhance engagements
- Work closely with Grant Thornton senior managers and partners to promptly identify and resolve client problems or issues
- 6 to 10 years of related work experience in a similar consulting practice or function, servicing cross-industry clients at a national level
- Must have, or be willing and able to obtain, one or more of the following certifications: EnCE, ACE, OSCP, OSEE, GPEN, CCFP, CASP, GFCE, GCIH, GCED, GCFA, GREM, and ECIH
- Two plus years of hands-on experience in digital forensics and/or incident response
- Demonstrated working knowledge of digital forensic tools, methodologies, and protocols including Guidance Software EnCase, AccessData FTK, Linux Distributions including Helix, SPADA, Kali, CAINE, DEFT, Paladin, Raptor, and Robocopy
- Qualified candidate must have demonstrated experience using analytical and investigative skills to support engagement objectives
- Expert-level proficiency in Microsoft Office Suite, Microsoft Project, Microsoft Visio and Adobe
- Proficiency with the Windows Operating System, PC hardware and networking, and network security hardware and software
- Knowledge of the concepts, principles, management, and processing of electronically stored information (ESI) as related to legal matters
- Demonstrated understanding of evidence preservation and chain of custody rules
39
Cyber Risk Privacy Senior Manager Resume Examples & Samples
- Adhere to the highest degree of professional standards and strict client confidentiality
- Execution of assigned client engagements from start to finish, which includes the engagement planning, directing, and completion of privacy impact assessments, compliance assessments, and other related privacy projects while managing those engagements to budget
- Apply current knowledge of data protection and privacy trends and to issues and other opportunities for improvement
- Assist clients in planning and executing implementation plans identified in assessment activities
- Work with the client to plan an engagement strategy, define objectives, and address technology- related controls risks and issues
- Proactively interact with key client management to gather information, resolve problems and make recommendations for improvements
- Ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment
- Work closely with Grant Thornton partners, principals, and managing directors to promptly identify and resolve client problems or issues
- Identify, research, and develop market alliance relationship with leading privacy solution providers
- · Bachelor’s degree required. Advanced degree such as a J.D. is a significant plus
- · Ten + years of related work experience in a similar consulting practice or function, servicing cross- industry clients at a national level
- · Working knowledge of HIPAA privacy, Privacy Shield, GDPR, CANSPAM, and other privacy regulations, and privacy framework especially as it relates to building a privacy and data protection for global organizations
- · Experience in working with data mapping and data discovery methodologies and solutions
- · Experience in working with industry leading privacy solutions such as Nymity, Prifender, OneTrust, PrivacyCheq, PrivacyPerfect, etc
- · Experience in Data Loss Prevention (DLP) solution and DLP managed services is a plus
- · Certification(s) Preferred: Obtained or demonstrates an active pursuit of one or more of the following certifications: Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), Certified Information Privacy Technologist (CIPT), Certified Information Security Manager
- · Experience in project management and the ability to clearly communicate data protection and privacy issues verbally on both a formal and informal basis to all levels of client staff
- · Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships
- · Ability to work additional hours as needed and travel on a regular basis to clients as required
- · Travel for this position can go as high as 60%
40
Cyber Risk Services Resume Examples & Samples
- Strong potential for growth and acceptance of additional responsibilities
- Ability to take a broad view of his/her position and take initiative to communicate, interact and cooperate with others
- Demonstrated ability to write report segments and to participate in presentations
- Open to travel requirements
41
Lead, Cyber Risk Management, SME Resume Examples & Samples
- 8+ years of related experience in data security administration, including supervisory experience
- 1+ year managing technical staff
- Must have past experience in performing Security Impact Analysis of changes to system architecture
- Must be able to identify risks and mitigation solutions
- Must be familiar with FISMA, NIST 800-53, and DOD 8500 security policies or corresponding guideline
- Must have past experience with NIST SP 800-53 security controls and the understanding of control implementations
- Excellent teamwork skills to collaborate with a diverse team of skilled systems engineers, senior management personnel, and customers
- Excellent communications skills to articulate complex technical solutions or issues
- Candidate must be willing to travel to multiple customer sites in the DC Metro area as required
- Ideal candidate will have comprehensive knowledge of Windows and UNIX-based system administration, network management and enterprise systems management
- Candidates will be required to obtain PUBLIC TRUST clearance for multiple customers
- Certifications (one of the following): CISSP, CAP, Security+
42
Cyber Risk Senior Associate Resume Examples & Samples
- Participating in the solution development process and ensuring that customer requests and needs are represented within the product
- Designing and deployment of enterprise software solutions, including on-site implementations
- Assisting with performing technical and competitive analysis of RSA Archer solutions, including performance, debugging and other operational metrics
- Familiarity with risk standards and models is preferred
- Familiarity with Governance, Risk and Compliance platforms is preferred, especially RSA Archer
- Familiarity with Security Analytics is a plus
- Familiarity with Asset Management solutions is a plus
- Familiarity with risk reporting and dashboard solutions, including Business Intelligence platforms, is a plus
- Ability to work with different delivery teams to support technology capabilities as part of larger projects is required
- Ability to consider non-traditional approaches to solve traditional security challenges is important
- Experience in offshore team- and capability-development is preferred
- 3+ years of related work experience in a similar consulting practice or function, servicing cross-industry clients at a national level
- Bachelor's degree in Computer Science, Information Systems, or related field preferred; Equivalent combination of education and demonstrated experience will be considered
- Must have minimally 1 + years of related work experience with GRC platforms
- Demonstrated working knowledge of various standards and guidelines that are applicable to security practices such as ISO, NIST, COBIT and others
- Expert-level proficiency in Microsoft Office Suite, specifically Microsoft Word and Microsoft Power Point
- Ability to understand regulatory impacts to client strategies
- Ability to travel on short notice and work additional hours as necessary
43
Information Risk Cyber Risk Resume Examples & Samples
- Lead stakeholder identification and engagement both internally to Information Security team and wider across the Business
- Lead the assurance that central Controls meet the design and operational requirements of all Businesses
- You must have proven senior stakeholder management experience and proven ability in influencing senior stakeholders
- Build and maintain effective relationships with all stakeholders and develop a network of trusted peers, and become a "go to" advisor for all business areas
- Manage identification of Control Gaps and identification of candidate Owners for those Controls. The candidate must have experience in identifying control gaps and provide, preferably in an Audit function
- Lead statistical analysis of the identified Controls landscape to determine how business performance can be improved (continuous improvement opportunities), and provide statistical substantiated evidence of the risk environment
- Identify where new automation opportunities are present, with appropriate solutions and present to senior stakeholders for adoption
- Candidates holding a current CISSP qualification are preferable. Professional qualifications also desired are CISM, CISA (or similar)
- Information risk / operational / cyber risk, especially relating to Policies covering Information Security
- Business reporting including associated technical and statistical skills
- Structured problem solving, effectiveness/efficiency skills and qualifications (e.g. Six Sigma)
- Production of high-quality communication outputs through varied outputs and sophisticated level of communication skills
- Personal Resilience in a fast-pace, complex and evolving environment
44
VP / VP-head, Cyber Risk Management Resume Examples & Samples
- Experience in executing risk assessment, risk reduction initiatives, assessment of effectiveness of controls
- In-depth knowledge and experience with industry cyber risk & security management frameworks, e.g. NIST Framework for Improving Critical Infrastructure Cyber-security
- Knowledge and experience with legal and regulatory requirements pertaining to cyber risk & security
- Experience in improving cyber risk management processes
- Excellent problem analysis skills and coming up with feasible solutions
- More than 10 years of relevant IT experience, of which more than 7 years are in technology risk & information security, or IT audit
- Relevant IT experience include managing large-scale IT projects, application development & maintenance, production support, and/or infrastructure management
- Degree in Computer Science or equivalent technical degree
- Relevant industry qualifications - CISM, CRISC, PMP, CISA, CISSP
45
Associate / Senior Cyber Risk Services Resume Examples & Samples
- Working knowledge on network devices such as routers and firewalls
- Working knowledge on at least one programming language, e.g. Java, C#
- Familiarity with assessment tools like Burp Suite and Kali Linux
- Familiarity with OWASP Top 10 security vulnerabilities
46
Summer Dallas Advisory Cyber Risk Analyst Resume Examples & Samples
- Deployingvarious technologies to establish data privacy and security controls
- Helping toimprove application security
- Managingsystem and software vulnerabilities
- Establishingmethods for securing “smart” devices
- Developingadvanced cyber monitoring and security analytics solutions
- Establishingcyber crisis management capabilities
- Providingcyber forensics and incident response support
- Bacheloror Master of Science/Business Administration with a concentration in computerscience, information systems, information security, math, decision sciences,risk management, engineering (mechanical, electrical, industrial) or other business/technologydisciplines
- Relevantwork experience (e.g. internships, summer positions, school jobs)
- Abilityto work independently and manage multiple projects/assignments/responsibilitiesin a fast-paced environment
- Demonstrated leadership and strongverbal and written communication skills
- Demonstrated problemsolving and critical thinking skills
- Travel up to 80% maybe required, dependent on role and location
47
Cyber Risk-senior Analyst Resume Examples & Samples
- 4+ years in an information security management or advisory role
- Performing security threat and risk assessments
- Security architecture assessments
- Vulnerability management including penetration testing
- Developing and facilitating security awareness and training exercises
- Knowledge and experiencing in applying standards such as ISO/IEC 27001, SANS Top 20, PCI DSS
- Strong communication skills are a must with specific focus on verbal interaction
- Ability to work well independently and be comfortable leading a team within a client service environment
- A solid understanding of networking, cyber security concepts, secure coding practice and vulnerability identification is necessary
48
IA Cyber Risk Management Analyst Resume Examples & Samples
- Project Start date - April 2017
- Experience with computer auditing procedures
- The candidate should have experience with DoD STIG's, CIS Benchmarks, Nessus, SCAP, ePO, and/or other related hardening and compliance assessment tools to oversee the implementation and enforcement of security policies
- Experience with accreditation documentation
- The position requires strong critical thinking/analytical skills, attention to detail, creativity, and a sustained commitment to excellence and quality
- Must be detailed oriented and have excellent written and verbal communication skills
- A minimum of five (5) years’ experience in information assurance/security. RMF/DIACAP/NISPOM, preferred
- Experience in evaluating hardware security such as Trusted Platform features, EEFI/BIOS security, and sanitization measures
49
IA Cyber Risk Management Analyst, JB Resume Examples & Samples
- Bachelor’s Degree in a technology related field or 5 years of related work experience
- Experience or working knowledge of vulnerability scan procedures
- Must meet the DoD 8570.01-M certification requirements for an IAM – Level I CompTIA Security+ or be able to gain certification within 6 months of start of duties
- The ability to work independently and in a dynamic work environment
- Active Secret clearance which requires U.S. citizenship
- Experience with Windows and Linux client/server security administration and the underlying technologies such as TCP/IP, DNS, LDAP, and the security subsystem (IA&A)
50
Cyber Risk Consultant Resume Examples & Samples
- Working with truly global organizations and the related complexity of their Security requirements
- Working in a multi-disciplined team to bring the best of Accenture to bear in supporting our clients
- Facing real world cyber threats and proactively behaving to make them harmless for our clients
- Designing pragmatic and effective cyber risk framework for our clients
- Design and implement Cyber Risk Process and procedure tailored on our client's business context in order to identify, protect, detect, respond and recover from Cyber Incidents
- Execute Cyber risk and IT security program assessments, conducted on an enterprise-wide basis for specific business areas, provide insight on areas of strength and weakness and guide ongoing investment and cyber risk strategies
- Design and implement cyber risk policies, procedures and guidelines (e.g. Incident Handling)
- Define a robust monitoring and reporting process in order to provide an effective communication of cyber risk profile to different stakeholders
- Design and execute information cyber risk awareness training and educational activities specifically oriented to cyber-security
- Combine problem-solving ability, multi-tasking and on-the-job experience with cyber-risk topics to respond to security incidents, investigate violations and recommend enhancements
- Master's Degree in Engineering, Information Science, Economics
- 1-4 years of experience in Consulting; preferable with experience in Banking, Insurance, and / or Telecommunication Markets
51
Cyber Risk Associate Resume Examples & Samples
- Bachelor’s or Master’s degree in Information Technology or related field
- Major and overall GPA of 3.0/4.0
- Ability to travel 60%-100% as required
- Strong technical aptitude and problem-solving skills
- Ability to bridge the gap between corporate strategy and technology to help deliver sustainable solutions to our clients
- Excellent analytical, communication (written and verbal) and interpersonal skills
- Effective project and time management skills for handling multiple priorities and simultaneous projects
- Enthusiasm to learn through a combination of structured, on-the-job and self-directed training
- Ability to work efficiently and effectively in a complex team environment
- Desire to pursue applicable professional certification (CISSP, SANS GIAC, NSA IAM, NSA IEM., CISA, CISM)
52
IA Cyber Risk Management Analyst Resume Examples & Samples
- Bachelor’s Degree in a technology related field
- A successful candidate will have experience with developing and updating Certification and Accreditation documentation and system authorization artifacts under the Risk Management Framework (CNSSI 1253/NIST 800-53, etc.) or previous C&A frameworks such as DIACAP/NIACAP
- The candidate must have experience with DoD STIG's, CIS Benchmarks, Nessus, SCAP, ePO, and/or other related hardening and compliance assessment tools to oversee the implementation and enforcement of security policies
- Must meet the DoD 8570.01-M certification requirements for an IAM – Level II (CISSP (or Associate), CISM, GSLC, CAP) or be able to gain certification within 6 months of start of duties
- Active Top Secret clearance which requires U.S. citizenship
53
Summer Analyst Cyber Risk Analyst Resume Examples & Samples
- Assist Risk Management team on Project Risk Engagements
- Assist Risk Management team on Entry of Risk Results into the Risk Register and Archer
- Work closely with the head of the EIS Risk and support EIS Project Risk Efforts
- Learn Risk methodology for projects and develop an understanding of Risk Management systems and Risk Management practices
- The ideal candidate is a currently enrolled college student (rising senior or graduate student)
- Generally a GPA of 3.0 or higher and will complete degree requirements in December 2017 or May/June 2018
- Preferred Major in Business or IT
- Excellent computer skills specifically with Microsoft Office (Excel, Word, and PowerPoint)
- Excellent organization and time management skills with attention to detail
- Self-starter with the ability to synthesize ambiguous information
- Ability to work equally well on self-managed or team-oriented projects
54
Cyber Risk Management Program Manager Resume Examples & Samples
- Works closely with the information security team members, stakeholders, and IT staff to create strategy, approach, sequencing, and timeline for projects and the overall cyber risk management program, focusing on process improvements
- Provides intake mechanism for organizational ideas and lead the team members and stakeholders through all stages of the development of a cyber risk management program
- Ensures multiple projects that comprise the program are linked in an effective manner to deliver the expected program outcomes and benefit, in an integrated fashion. Participate as systems/process analyst resource for project managers to steer the project toward the program goals
- Provides and presents organizational communication and education related to the program. Ensure communications are consistent and coordinated
- Serves as lead and point of contact for all security cyber risk management related activities
- Provides direction to team members assigned to projects and operational activities associated with security cyber risk management
- Provides guidance and coordination for cyber risk management efforts including evaluation, risk management activities and reporting to all levels of the organization
- Processes vulnerability and threat data from a variety of internal and external sources to provide actionable risk management tactics to internal consumers in order to reduce overall enterprise cyber risk
- Gathers and analyzes information and provides recommendations to address and resolve cyber risks
- Engages leaders from Technology and the business to understand and prioritize cybersecurity risks through formal risk assessments
- Builds and institutes a cyber risk management program to focus cybersecurity investments with guidance from the Cybersecurity Steering Committee
- Maintains a risk management strategy that incorporates business and technology objectives and outputs from risk assessments
- Creates or implements tools for regular reporting of risk management activities and progress across all areas of information security
- Builds processes and tools to provide the business visibility of cybersecurity risks and drive accountability
- Assists in development and maintenance of policies, standards, processes, and procedures to assess, monitor, report, escalate and remediate cyber risk
- Educates and advises technology and business executives as needed on cyber and technology risk as well as appropriate mitigation strategies and approaches related to security and risk management
- Researches, matures and formalizes a third party cyber risk program
- Gathers and maintains knowledge and spread awareness of trends in the threat landscape
- Serve as the primary point of contact for cyber risk assessment reviews performed by outside entities
- Bachelor’s degree or commensurate experience in a discipline related to the assigned area
- 10+ years of combined healthcare, project/program management
- Must have a minimum of 5-7 years information security experience with an emphasis on experience with large, complex projects and/or programs
55
Senior Consultant, Cyber Risk Resume Examples & Samples
- Own the Information Security management reports ,analysis and dashboards
- Drive exploratory analytics in the space of Information Technology, Enterprise Security infrastructure, Cyber Risk, Enterprise IT risk analytics among others
- Prepare reports, dashboards and business reviews
- Initiate and lead processes to improve data driven information
- Initiate and promote analysis on key business elements
- Identifies opportunity for performance improvement
- Builds & maintains relationships with other disciplines for efficient deployment
- Oversees the implementation of new systems and processes and leads by example
- Minimum graduate degree with 6-8 years of overall experience in the IT Infrastructure space with good understanding of data and analytics
- Good verbal and written communication skills in english and good analytical skills
- Proficient in using various MS office (Excel, PowerPoint, Access) tools including Excel Macros, Share point
- Have experience in log data analysis
- Data visualization using Tableau
- Customer focus - Should be able to manage multiple stake holders spread across geographies and project manages with minimal hand holding
- High level of creativity and engagement
- Proven communication skills, able to articulate and adapt communication style for all levels through the organization
- Exposure to SAS and R is preferable
- Exposure in the following is an advantage, however not mandatory
56
Cyber Risk Defense Intern Resume Examples & Samples
- Completes work assignments by applying up-to-date knowledge in subject area to meet deadlines; following procedures and policies, and applying data and resources to support projects or initiatives; collaborating with others, often cross-functionally, to solve business problems; supporting the completion of priorities, deadlines, and expectations; communicating progress and information; identifying and recommending ways to address improvement opportunities when possible; and escalating issues or risks as appropriate
- Pursues self-development and effective relationships with others by sharing resources, information, and knowledge with coworkers and customers; listening, responding to, and seeking performance feedback; acknowledging strengths and weaknesses; assessing and responding to the needs of others; and adapting to and learning from change, difficulties, and feedback
- Develops user forms and interfaces using HTML, JavaScript, CSS code to control and enhance the workflow user experience
- Identifies opportunities and improve cyber security workflow
- Participates in regular operations meeting with workflow and metric stakeholder teams
- Publishes executive and operational metric dashboards
- Publishes audit-ready process documentation on a collaboration tool
- Provides proactive monitoring, response, and support for workflow operations
- Provide support of the workflow infrastructure which may include occasional after-hours testing of deployed upgrades
- Proven knowledge of HTML, CSS, SQL and Javascript
- Knowledge or experience with Tableau data visualization
- Knowledge or experience in business process design
57
Cyber Risk Senior Manager Resume Examples & Samples
- Lead the development and implementation of the Group Cyber Strategy, working collaboratively with all business units and external partners
- Maintain a leading awareness of industry best practice and regulatory requirements to support the strategic direction
- Implement and lead continuous improvement recommendations with respect to Group wide cyber risk management
- Lead engagement with the regulators on cyber risk and security, including the reporting framework in collaboration with Operational Risk
- Lead and produce Board and Executive cyber risk reporting and the associated governance
- Develop and maintain effective strong working relationships with senior stakeholders within and external to the Group
- Must have prior experience of and be able to demonstrate successful performance in a similar role, with strong working knowledge of cyber risk and security principles
- Excellence stakeholder management skills and experience, with the ability to build rapport quickly and influence at senior levels
- Highly competent in translating complex technical language into plain concise business language
- Excellent verbal and written communication skills, with particular emphasis on production of PowerPoint packs. (Especially to senior colleagues, requiring a high level of attention to detail)
- Proven ability and experience of leading the development and production of succinct, high quality Board and Executive level reporting
58
Cyber Risk Manager Resume Examples & Samples
- Assist with the development of sales opportunities
- Manage teams to deliver Cyber Risk projects in a people-oriented and mentoring culture
- Assist leadership with maintaining productive relationships with client management
- Generate new business opportunities, operate in a matrix environment, and work in a cross-functional team to drive $500k in sales and manage projects and teams that contribute $750K in revenue
- Familiarity with Cyber Risk standards and models is preferred
- Ability to consider updated thinking to solve traditional security challenges is important
- Experience with utilizing and managing offshore teams is a plus
- Promote and implement procedures for use of specific technologies and protocols in the delivery of Strategy related solutions
- Maintain a good working relationship with clients and work effectively with client management and staff at all levels to gather information and perform services
- Work closely with Grant Thornton leadership to promptly identify and resolve client problems or issues
59
Cyber Risk Privacy Senior Manager Resume Examples & Samples
- Bachelor’s degree required. Advanced degree such as a J.D. is a significant plus
- Ten + years of related work experience in a similar consulting practice or function, servicing cross- industry clients at a national level
- Working knowledge of HIPAA privacy, Privacy Shield, GDPR, CANSPAM, and other privacy regulations, and privacy framework especially as it relates to building a privacy and data protection for global organizations
- Experience in working with data mapping and data discovery methodologies and solutions
- Experience in working with industry leading privacy solutions such as Nymity, Prifender, OneTrust, PrivacyCheq, PrivacyPerfect, etc
- Experience in Data Loss Prevention (DLP) solution and DLP managed services is a plus
- Certification(s) Preferred: Obtained or demonstrates an active pursuit of one or more of the following certifications: Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), Certified Information Privacy Technologist (CIPT), Certified Information Security Manager
- Experience in project management and the ability to clearly communicate data protection and privacy issues verbally on both a formal and informal basis to all levels of client staff
- Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships
- Ability to work additional hours as needed and travel on a regular basis to clients as required
- Travel for this position can go as high as 60%
60
Cyber Risk Managed Threat Services Level Analyst Resume Examples & Samples
- BA or BS in Computer Science or Information Management desirable or equivalent work experience
- Certification include Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), CISSP, Certified Ethical Hacker (CEH)
- Willing to work any of the three 10 hour shifts to offer 24 hours support service
- Experience with the following technologies: leading SIEM technologies, IDS/IPS, network- and host- based firewalls, data leakage protection (DLP)
- Understanding of common network devices such as routers, switches
- Understanding of basic networking protocols such as IP, DNS, HTTP
- Basic knowledge in system security architecture and security solutions
61
Cyber Risk Secure Senior Manager Resume Examples & Samples
- 8+ years demonstrated ability to translate business, risk and regulatory requirements into Secure data solutions, and to effectively communicate those solutions to business leaders and executives
- 8+ years demonstrated experience in designing and implementing technology and process solutions to reduce the potential risk of data compromise
- Broad business and strong relationship management experience, knowledge, and skills
62
Cyber Risk Manager Risk Advisory Resume Examples & Samples
- Deliver to our Clients a wide range of cyber risk projects in the areas of strategy, governance and risk management, operating models, security operations, and incident response
- Day-to-day project management activities including: planning, budgeting, scope management and communication
- Provide oversight, guidance and direction to team members on multiple concurrent and complex projects
- Conducting research to maintain and expand knowledge on latest market trends, security technologies and standards, as well as the threat and vulnerability landscape
- Become a trusted advisor to our clients and help them identify areas to improve their security controls and better manage cyber risk
- University degree in Information Technology or Computer Science and a postgraduate qualification in Information Security
- Minimum 5 years’ of working experience in the area of Cyber Security, ideally in a consultancy services firm
- Experience in leading a team of information security or information technology professionals
- Relevant professional certifications, such as: CISA, CISM, CRISC or CISSP
63
Cyber Risk Consultant Resume Examples & Samples
- 0-1+ year(s) of relevant consulting or industry experience
- Support clients through external security and identity certification programs such as the Federal Risk and Authorization Management Program (FedRAMP), HITRUST and Federal Identity Credential Access Management (FICAM)
- Help review and improve application security and security documentation
- Facilitate system and software vulnerability scanning and remediation
- Report work stream status and risks
64
Cyber Risk Manager Resume Examples & Samples
- Understanding emerging risk trends, technical reviews, security threats, business requirements, and architectural views in order to provide input on solutions
- Developing and managing an enterprise risk register by collaborating with stakeholders across compliance, internal audit, technology, security and business units
- Establishes processes to identify areas of potential risk
- Provide quantitative and qualitative information to support the prioritization of tactical and strategic risk mitigation projects
- Assist in the development and implementation of new risk initiatives, including policies, processes and awareness programs
- Conducts and assists in Risk assessments related to infrastructure, platforms and applications in accordance with Risk Program methodology
- Conducts and participates in vulnerability assessments for various disciplines
- Recommend and implement solutions to address findings from risk assessments
- Participates in key or major projects across technology that have a high inherent risk profile to assist in establishing risk controls to mitigate the residual risk to an acceptable level
- Review and evaluate global cybersecurity requirements. Provide input to control teams, technology organizations, and risk management to ensure consistency of message to executives and/or identify areas of disagreement between the Lines of Defense
- Significant Event Analysis - Develop and perform ongoing analysis of Operational Risk loss, near miss and external events to inform auditors, technology assessments and scenario analysis. Investigate Operational Risk events meeting selection criteria; Assist LOB in determining the appropriate consideration of technology risk management and risk events
- New Business Initiatives (NBI) - Assist technology stakeholders with cybersecurity perspective on new business initiatives. Independently review architecture, standards, risk remediation activities
- Cyber Risk Appetite/ Key Risk Indicators (KRI) - Work with Cybersecurity to approve KRIs and KRI aggregation structure. Assist in development, approval and maintenance of firm’s Cyber Risk Appetite statement. Monitor KRIs and escalate breaches to Control Committees as appropriate
- Manage a diverse stakeholders of technologists focused on risk assessments of cyber controls, and collaborating with the various support organizations
- Liaise with Legal, Finance, Operations, audit and HR offices for integration of security strategy
- Ability to lead small, less complex system assessments independently
65
Head of Global Cyber Risk Resume Examples & Samples
- Developing and implementing Global Cyber advisory strength in line with executive sponsor and OpCo guidance
- Accountable for financial performance and costs associated with all cyber related activities
- Implementing and executing the CRB Cyber strategy within Global Financial Lines
- Recruit, motivate, mentor and manage workflow of staff; ensure succession planning is in place for core team
- Responsible for resource allocation across CRB, HCB, IRR, and ES to meet demand in the cyber segment
- Lead initial sales and new business development strategy
- Lead initial branding strategy including content, analytics, affiliate relationships, training & education, COI networking
- Lead new product development strategy in the cyber segment across the organization
- Provide operational leadership by leading an efficient business (resource deployment)
- Technical knowledge of insurance contracts/structure
- Ability to manage and lead staff
66
IA Cyber Risk Management Analyst Resume Examples & Samples
- A minimum of two (2) years’ experience in information assurance/security. RMF/DIACAP/NISPOM, preferred
- A successful candidate will have some experience with processing and updating Certification and Accreditation documentation and system authorization artifacts under the National Industrial Security Program Operating Manual (DoD 5220.22-M) or previous C&A frameworks such as DIACAP/NIACAP/JAFAN
- The candidate should have some experience with DoD ODAA hardening guidance and STIGs, and/or other related hardening and compliance assessment tools to oversee the implementation and enforcement of security policies, as well as, the concept for conducting computer log audits
- Must meet the DoD 8570.01-M certification requirements for an IAM – Level I (CompTIA Security+ certification) or be able to gain certification within 6 months of start of duties
- Be experienced in evaluating hardware security such as Trusted Platform features, EEFI/BIOS security, and sanitization measures
- CISSP, CEH certifications
- Top Secret with SSBI clearance
67
Cyber Risk Services Resume Examples & Samples
- 10+ years of experience with large enterprise resilience and recovery solutions
- Expertise in data backup & replication services such as tape-based backup, synchronous and asynchronous replication, SAN or database replication, and snapshot journaling
- Expertise in recovery in virtualized environments including Cloud technologies, Wintel and Unix/Linux Infrastructure IT environments, software defined networks and Wide Area Network (WAN) principles
68
Senior Cyber Risk Defense Analyst Resume Examples & Samples
- Investigate potential cyber-attacks and intrusion attempts, and lead containment, eradication, recovery, and lessons learned analysis of actual incidents
- Perform root cause analysis to identify gaps and provide technical and procedural recommendations that will reduce AIG’s exposure to cyber-risks
- Prioritize incoming requests to minimize risk exposure and ensure the timely completion of critical tasks and the escalation of time-sensitive issues
- Provide ongoing mentorship to junior Cyber Analysts and liaise with members of other gCDC functions to assess and mitigate the risks posed to AIG by identified threats
- Provide expert input on Incident Response process definition and support the development and maintenance of documented play-book procedures, knowledge articles, and training material
- Communicate effectively with other stakeholders of our incident response efforts, including representatives of the business units, technology specialists, vendors, and others
- Contribute to our efforts to drive continuous improvement by recommending and collecting various key metrics for reporting to senior management on Incident Response
- A deep understanding of cyber security operations processes, procedures, guidelines and solutions, including practical experience of cyber kill chain principles
- In-depth understanding of Windows, UNIX, and Linux operating systems, networking, malware defenses, and perimeter controls
- Knowledge of TCP/IP networking and core Internet protocols such as UDP, ICMP, DNS, FTP, SMTP, HTTP, SNMP, etc
- Development in at least two of the following languages: C, C++, Java, Perl, Chef, and Python
- Ability to contribute to the development of custom IDS signatures or SIEM use cases
- Knowledge of adversary tactics, techniques, and procedures, along with analysis of advanced intrusions across a complex global network; and basic cyber-security forensics procedures
- Strong oral and written communications skills (e.g., technical writing, user guide development, requirements analysis) and ability to interact effectively with technical and non-technical audiences, as well as present in front of small and large groups
69
Cyber Risk Defense Analyst Resume Examples & Samples
- Leverage aggregated cyber threat intelligence, log, network flow, and anomaly data for analysis, research and the identification of potential compromise within AIG’s infrastructure or applications
- Investigate escalations from the Alert Validation team. Accept or refute escalations, performing incident response to accepted events, or providing constructive feedback for refuted events
- Liaise with other gCDC functions to assess the risks posed to AIG by identified threats
- Provide input on Incident Response process definition and support the development and maintenance of documented play-book procedures, knowledge articles, and training material
- Create detailed incident and analysis reports, and provide concise summaries for management
- Share unique expertise and knowledge with the team further enhancing our response capability
- Contribute to our efforts to drive Incident Response continuous improvement by recommending and collecting various key metrics for reporting to senior management
- An understanding of cyber security operations processes, procedures, guidelines and solutions, including practical experience of cyber kill chain principles
- Familiarity with Windows, UNIX, and Linux operating system administration, networking, malware defenses, and perimeter controls
- Ability to innovate, develop, implement, and document complex technical solutions
- Development in at least one of the following languages: C, C++, Java, Perl, Chef, and Python
- Knowledge of adversary tactics, techniques, and procedures, along with analysis of intrusions across a complex global network; and basic cyber-security forensics procedures
- Understanding of how to read and interpret malware analysis reports
70
Cyber Risk Defense Team Lead Resume Examples & Samples
- Lead a team of Cyber-risk Defense Analysts with diverse expertise in cyber intelligence, threat hunting, malware analysis, and log analysis through all phases of threat detection and response
- Assess team member capabilities and assign duties to craft an agile and high performance team
- Provide ongoing mentorship and encouragement to junior team members while regularly communicating the gCDC vision and the significance of our Cyber-risk Defense mission
- Motivate the team to maintain an “Assumption of Breach” mentality stimulating enthusiasm for finding new threat activities and evicting threat actors from the network
- Prioritize incoming requests and ongoing investigations to minimize risk exposure, ensure the timely completion of critical tasks, and provide swift escalation of time-sensitive issues
- Coordinate response efforts with other Cyber-risk Defense Team Leads to ensure optimal allocation of resources toward threat detection and response capabilities
- Coordinate the activities of multidisciplinary crisis response teams during severe incidents
- Oversee creation of detailed incident reports and provide oral and written executive summaries that clearly convey incident status, potential risks, and remaining mitigation tasks
- Contribute to our efforts to drive continuous improvement by recommending and compiling various key metrics for reporting to senior management on Incident Response
- Provide expert input on Incident Response process definition and spearhead continuing evolution of documented play-books, procedures, knowledge articles, and training material
- Liaise with members of other Technology Risk Office functions and provide subject matter expert input into the development of security gap assessments, policies, and security awareness
- Participate with other experts throughout the company to plan, test, and improve incident response capabilities
- Maintain awareness of emerging detection and response technologies, engage vendors, define requirements, and offer recommendations that illustrate how the tool will enhance our capability
- Proven success in coordinating incident response activities in large complex business with multidisciplinary participants
- Ability to lead and inspire a team toward continual achievement of the team’s mission
- A deep understanding of cyber security operations processes, procedures, guidelines and technologies, including practical experience of cyber kill chain principles
- Broad understanding of adversary tactics, techniques, and procedures, along with analytics of advanced intrusions, lateral movement, persistence, and evasion techniques
- Understanding of Windows, UNIX, and Linux operating systems, malware defenses, along with other perimeter, internal, and host-based security controls
- Strong verbal and written communication skills demonstrated by the ability to communicate complex technical issues in concise, impactful statements for a variety of audiences
- Strong deductive reasoning, critical thinking, problem solving and prioritization skills
71
Technology & Cyber Risk Partner Resume Examples & Samples
- Accountable for providing technology and cyber risk and control support
- Directly aligned to one or more BUK CIOs (and possibly CIO direct reports), sitting on their management team and responsible for shaping the technology roadmap
- The role-holder will incept, direct and deliver all technology and cyber risk activities within their aligned business/product areas
- Responsible for the delivery of multiple initiatives covering the global risk mitigation agenda
- Ownership of senior stakeholder relationships with multiple teams on behalf of BUK Technology Risk & Control, ensuring world class delivery to and support of BUK customers and clients
- Stakeholder Management, including CIOs and senior business colleagues
- Shaping and driving the technology roadmap
- Engaging with global Regulators to respond to formal inspections or ad-hoc reviews of risk management practise
- Experience in the field of Technology Risk and Cyber Risk management, ideally as applied to the aligned BUK Business Area and Horizontal Centre of Excellence
- Experience of working in a First Line of Defence Technology Risk environment and building effective working relationships with Second Line and Third Line of Defence Teams
- Experience in Sarbanes-Oxley programme delivery, including: assessment and remediation implementation in both application controls and infrastructure controls
- Experience in management and delivery of major change and organisational transformation programmes
- Technology risk and control related qualifications preferred, e.g. CRISC, CISSP, CISA, etc
- Outstanding ability to assess, quantify, effectively communicate and gain buy-in to risk management by Senior Technology management
- A full and comprehensive understanding of risks mitigation techniques within a Technology environment
- Strong relationship building/maintenance skills across all levels of Technology Management and teams
- Excellent negotiation skills and demonstrable experience using these skills with key Risk partners (Regulatory bodies, Internal Audit, External Audit, ORM, IRM)
- Excellent understanding of relevant and up-to-date technical knowledge, applications and techniques
- Utilises knowledge of Barclays, BUK and the Risk industry to deliver best and innovative solutions
- Demonstrates ongoing current knowledge of breadth of services and products offered by Barclays and particularly the BUK business area supported. Utilises this knowledge to anticipate potential risk areas and works with management on devising the appropriate mitigation techniques
- Proactively transfers technical knowledge and strategic business insight to the team by mentoring line managers to ensure technical knowledge is cascaded
- Strong knowledge of key issues regarding Cyber, IT Security and Information Risk Management
- Maintains deep understanding of Barclays’ strategic goals as well as knowledge of the financial services industry and best practices of leading technology organisations
- Drives to deliver major change initiatives across the Group
- Maintains deep understanding of Group Technology wide objectives, interactions, issues and risks
- Demonstrates ability to manage large global programmes in complex varying environments. Utilises practical experience of managing and implementing change to guide colleagues and to mitigate potential risks
- Links a comprehensive and deep understanding of customer's long term needs and strategies with current initiatives and ensure focus on delivering to customer’s needs
- Acts as a key decision-maker and produces results even in the face of adversity
- Works collaboratively with external stakeholders to ensure appropriate involvement in large scale change management initiatives in BUK
- Utilises the ability to shape thinking of key people in multiple functional areas to change decisions, opinions, attitudes or behaviours
- Influences positive relationships with key stakeholders in Technology, customer groups, and external stakeholders e.g. regulatory, professional associations and industry professionals
- Delivers results in more favourable customer/ colleague opinion, improvement in external perception and increases support for programmes and services
- Encourages a collaborative approach to delivery of Technology to business function to ensure integrated solutions are offered to business problems
72
Cyber Risk Management & Initiatives Analyst Resume Examples & Samples
- Candidate must have significant (10 years +) experience within the USCENTCOM AOR and must be familiar with its and the Components’ missions
- Candidate must have a solid familiarity with defense-in-depth capabilities, application and network security
- Must be familiar with a wide range of security technologies including, but not limited to Security Incident and Event Management (SIEM), IDS/IPS, malware analysis and protection, content filtering, perimeter access controls, logical access controls, identity and access management, and data loss prevention
- Candidate must have strong communications skills both verbally and in writing
- Candidate must be able to read and understand DoD Cyber Security orders, policies and procedures
- Candidate must possess extensive administrative and clerical skills
- Name/describe skills that would be helpful but not required at hire–e.g., skills that could be learned or taught within the first months of hire)
- Experience with USCENTCOM, HBSS, and ARCSIGHT, WSUS/SCCM software is a plus
73
Cyber Risk Analyst Resume Examples & Samples
- A minimum of four (4) years dedicated continuous work as an Information Technology Specialist
- A minimum of two (2) years of IT security experience for Commercial Off the Shelf (COTS) or custom built .NET and Java application programming
- An Associate degree in Computer Science, Information Assurance or related field from an accredited institution whose accreditation is recognized by the U.S. Department of Education or the Council for Higher Education Accreditation (CHEA), or a foreign equivalent
- Bachelor's degree or higher in IT Management, Computer Science, or related field in Information Management, Information Security or Cyber Security from an accredited institution whose accreditation is recognized by the U.S. Department of education or the Council for Higher Education Accreditation (CHEA)
- At least one of the following professional Level-2 certification as defined by the Department of Defense 8570.01-M Information Assurance Workforce Improvement Program such as Security+, CISSP, GSEC, SCNP or SSCP
- At least one of the following computer environmental certifications, Certified Risk and Information Systems Controls (CRISC), Global Information Assurance Certifications – Certified Intrusion Analyst (GCIA), Certified Incident Handler (GCIH), or EC-Council Certified Security Analyst (ECSA)
- Knowledge of new and emerging IT and information security technologies
- Knowledge of relevant laws, policies, procedures or governance as they relate to work that may impact critical infrastructure
- Knowledge of current emerging threats/threat vectors
74
Cyber Risk Architect Resume Examples & Samples
- Engage with other elements of the Bank to all security architecture assessment efforts are integrating with Bank's overall IT vision/strategy/architecture
- Participate in the identification and assessment of technology solutions and work with engineering teams to develop a strategic implementation roadmap for security technologies as necessary
- Provide direction, oversight, advice and guidance to direct reports and functional teams to create and foster a culture of architectural excellence: ‘Do it once, do it right’
- Serve as a senior architect and technical lead supporting the Lead Cyber Risk Architect and Global Head of IT Security (GHITS) on IT security strategic planning, risk analysis and other related topics as necessary
- Represent the Lead Cyber Risk Architect with technology planning and implementation activities as necessary
- Documented experience assessing risk, developing cyber and information security, process, and frameworks, especially requirements definition and specifications
- Detailed understanding of cybersecurity threats, vulnerabilities, protection measures, and technologies organizations face
- Knowledge of the cybersecurity industry and measures/techniques applied to both measure and reduce risk
- Excellent team leader and manager, able to work in virtual teams and a matrix organization
- Documented experiences of senior level representation and team building skills
- Strong stakeholder management & communication skills,
- At least one of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified Information Systems Manager (CISM)
- Experience working in large multilayer global organizations with competing IT interests and goals
- Fluent in English (written/verbal)
- Familiarity with cyber security architecture using trusted computing model
- Working knowledge of IT management frameworks such as Control Objectives for Information and Related Technology (COBIT) and Information Technology Infrastructure Library (ITIL)
- Security auditing to include knowledge of financial industry regulations: Gramm-Leach Bliley Act (GLBA), Payment Card Industry (PCI), and Federal Financial Institutions Examination Council (FFIEC), Monetary Authority of Singapore (MAS)
- Experience working with a Global Financial Insititution
- Bachelor’s degree (required)
- 15 years of progressive cybersecurity experience
- Masters or Ph.D. in Computer Science, Computer Engineering, or Information Systems degree (Preferred)
75
Cyber Risk Data Privacy Senior Consultant Resume Examples & Samples
- 3+ years of experience with privacy and security requirements. This includes a thorough understanding of how privacy relates to business drivers, legal requirements, marketing functions, technical / security controls, and organizational operational risk tolerance
- Experience performing surveys and inventories across regional and global distributed organizations
- Knowledge of international privacy legislation including the EU, Asia, Australia, and Canada, and applying legislative requirements within an operational context
- 3+ years of experience building privacy requirements frameworks/matrices, and performing audits of networks, operating systems and applications for privacy requirements
- BA/BS in information technology or related field or significant industry work experience
76
Cyber Risk & Resiliency Resume Examples & Samples
- Maintaining and advancing the portfolio of projects
- Providing technology planning/IT roadmapping, information security advisory services, and cyber resilience planning across the WPO
- Collaborate with Service Delivery Organizations to provide technology excellence in support of the Fedwire Services
- Assist in creating, standardizing, documenting, and executing strategic plans related to the CPMI-IOSCO guidance for cyber resilience
- Develop process maps for resiliency management activities that reflect the WPO’s efforts to identify, protect, detect, respond and recover from potential cyber threats and maintain situational awareness
- Develop and deliver written and verbal communications, including proposals, reports, presentations, and procedures, including recommendations for all levels of management
- Develop and maintain detailed metrics on cyber resiliency, readiness, crisis and incident reporting
- Assist with conducting cyber resilience table-top exercises with business leaders to ensure soundness of business continuity plans
- Develop comprehensive reports including the scheduling, tracking, and reporting on resiliency and test deficiencies and development of follow-up action plans
- Research and remain current on the latest cyber resilience trends and assess applicability to wholesale services. Provide recommendations for incorporating industry success practices for wholesale services
- Perform gap analysis as need in the evaluation of frameworks, or controls assurance program reviews as necessary in areas critical to maintaining resiliency
- Bachelor’s degree and 7-10 years of related professional experience and a background in information security and CISSP certification strongly desired
- Ability to obtain U.S. Top Secret Security Clearance, which includes verification of U.S. Citizenship
- Demonstrated experience in the operational aspects of building and leading a cyber-resiliency program including a background establishing a National Institute Standards in Technology (NIST) Cyber Security Framework
- Experience with NIST protection controls, contingency planning guide and Business Impact Analysis
- Experience with asset management techniques and mapping dependencies
- In-depth experience with operating and/or protecting information systems supporting US financial markets critical infrastructure
- Background creating business impact analyses, cyber risk assessments, and developing resiliency scorecards and reporting for senior leaders
- Experience in leading a critical operation(s) across multiple geographic locations
- Ability to understand and synthesize technical issues in discussions with technical and non-technical representatives
- Excellent consultative, communication, writing and project management skills
- Able to travel occasionally and to work weekends for business continuity tests
77
Cyber Risk Data Privacy Manager Resume Examples & Samples
- Knowledge of U.S. privacy legislation such as HIPAA, CAN-SPAM, COPPA, FCRA, GLBA, stated privacy laws, state data breach laws and the capability to apply regulatory requirements within an operational context
- 5+ years of experience building privacy requirements frameworks / matrices and performing audits of networks, operating systems and applications for privacy a requirements
- Knowledge of technologies used to collect, share, access and use personal data such as cookies, web beacons, P3P, JavaScript, CGI scripts, client side software, CRM, HRIS, data warehouse, and web analytic and decision support software
- Willingness to travel up to 80%
78
Cyber Risk Senior Analyst Resume Examples & Samples
- Act as a significant point of management for Cyber Risk Policy through the process of initial analysis, continuous revision, and consistent communication of requirements to constituents
- Conduct detailed research, review and investigation to assist with the completion of deliverables that arise with respect to various management committees such as the Cyber Security Oversight Committee
- Liaison with Risk Managers to ensure effective Policy and Procedure needs are met
- Socialize Policy and Procedure across key constituents to ensure viability
- Assist in maintaining a project portfolio of activities, projects and initiatives, prioritized and supported by timeline
- Contribute to the completion of deliverables such as the ongoing analysis and reporting of project status
- Communicate priorities and ongoing activities in various forums with a goal of maintaining transparency into group activities and priorities
- Support risk training and awareness initiatives, coordinating training for key Cyber Risk issues across groups within the bank
- Facilitate the management of cyber related due diligence and request for proposals
- Maintain cyber related due diligence documentation relevancy through a caretaking and management process
- Conduct detailed research, review and investigation to assist with the identification, assessment and mitigation of cyber risk inherent in the bank from various risk drivers such as regulatory, external, and internal
- Work with the Cyber Management team to participate in the cyber governance process
- BA/BS degree in related field and/or equivalent experience
- 3-5 years of relevant experience with 2 plus years of related risk, analytical, project management or business experience
- Excellent written and oral communication abilities
- Exceptional client service skills, business acumen and professionalism
- Proven ability to take the initiative as well as manage multiple priorities
- Any of the following are a plus: PMP, CSSP, knowledge of internal BBH areas, AML, KYC, Compliance, Audit, Systems
79
Cyber Risk Senior Consultant Risk Advisory Resume Examples & Samples
- Identify opportunities for efficiencies in work process and innovative approaches to completing scope of work
- Maintain responsibility for completion and accuracy of work products
- Assist in proposal development, as requested
- Actively expand consulting skills and professional development through training courses, mentoring, and daily interaction with clients
- Provide counselling and training to less experienced personnel
- Minimum 2-3 years’ of working experience in the area of Cyber Security, ideally in a consultancy services firm
- Relevant professional certifications, such as: CISA, CISM or CISSP
- Strong demonstrated knowledge in one or more of the following Information Security areas
80
Cyber Risk Consultant Risk Advisory Resume Examples & Samples
- Deliver to our clients a wide range of cyber risk projects in the areas of strategy, governance and risk management, data privacy and protection, business resilience and recovery
- Conduct IT controls reviews, security assessments and attestation of IT controls in compliance with various regulatory frameworks and industry standards (e.g. SOX, ISAE3402, ISO27001 etc.) and providing recommendations for remediation actions
- Conduct IT risk assessments and developing IT policies and procedures towards establishing an effective and secure IT Governance framework
- Participate in team problem solving efforts and offer ideas to solve client issues
- Conduct relevant research, data analysis, and create reports
- Maintain detailed documentation of work undertaken
- Professional certification CISA, CISM or CISSP (partially completed or completed) will be considered a plus
- Knowledge in one or more of the following Information Security areas
81
Cyber Risk Intelligence Analysis Manager Resume Examples & Samples
- Lead cyber intelligence production within the Cyber Risk organization, producing strategic intelligence products and threat forecasts, and serve as a primary liaison to the first line intelligence components
- Manage intelligence analysts, review analytical products and drive analytical planning and the intelligence production cycle
- Manage cyber intelligence projects and programs with a host of participants and stakeholders while guiding analytical efforts on complex cyber issues. Drive outcomes and recommendations of intelligence projects into Citi businesses globally
- Guide decisions by intelligence, policy, business and client groups concerning cyber threat issues
- Develop, implement and track performance metrics on the impact of cyber intelligence production on business processes, procedures and/or policies globally
- Bachelors degree in Computer Science, Cyber Security, Homeland Security or Political Science. Academic or equivalent work experience in writing or communications
- 7+ years of work experience in cyber intelligence strategy and analysis
- Extensive outreach experience on cyber and intelligence issues
- Advanced analytic tradecraft skills
- Strong analytic writing and verbal communication skills with a demonstrated history of briefing senior-level executives and external seniors within client organizations
- Strong internal project management experience on intelligence and information security issues
- Advanced knowledge of open source intelligence research and methodologies
- Possess Information Security Certifications
- Previous US Intelligence Community background preferred
82
Cyber Risk Director Resume Examples & Samples
- Responsible for managing and executing 1st line of defense Information Technology risk management to ensure effective identification, measurement, control and management of the relevant IT risks
- Responsible for ensuring IT risk remediation of gaps and open issues, driving on time closure
- Supervise production of risk reporting and support ad-hoc management report requests
- Develop and maintain relationship with 2nd line IT risk and compliance functions
- Participate in industry-related forums and training activities to stay current with risk management practices
- Promotes and drives risk awareness as it relates to technology related operational risks
- Matures the risk based metrics, scorecards and dashboards to track performance as well as identify and monitor trends across the organization
- Stays current in technology specific operational risk management techniques, industry best practices, and regulatory requirements
- Develop methodologies and practices to refine the technology risk framework that drives risk-aware, transparent decision making
- Acts as a liaison, maintaining effective and professional relationships with information technology, enterprise risk, supplier risk, Business Continuity Management, business and support areas, internal and external auditors, Federal and State regulators, and others dealt with in a professional capacity
- Working knowledge of common information security concepts, practices, and technologies, including best practices for
83
Cyber Risk Architect Resume Examples & Samples
- Engage with other elements of the Bank to all security architecture assessment efforts integrating with Bank's overall IT vision/strategy/architecture
- Support the Lead Cyber Risk Architect on IT security strategic planning, risk analysis and other related topics as necessary
- Excellent team member, able to work in virtual teams and a matrix organization
- Strong customer service and communication skills
- Fluent in English (Written/ Verbal)
- Familiarity with ISO 27001, 27002 and 27005
- Optional Skills
- Experience working with a Global Financial Institution
- Bachelor’s degree (Preferred)
- 7-10 years of progressive cybersecurity experience
84
Southern Zone Cyber Risk Consultant Resume Examples & Samples
- Manage the Client Service Process including service plan development, service coordination, report reviews, stewardship meetings
- Evaluate the existing risk controls that shield the assets: infosec tools, legal contracts, insurance policies. Then find gaps where perils and vulnerabilities could cause unanticipated losses and liabilities. Provide consulting services to improve the risk quality of accounts
- Quantify the probability and severity of potential direct and indirect impacts; e.g. liabilities, fines, interruptions, corruptions, opportunity costs, contingent impacts to others
- Develop and maintain security subject matter expertise
- Envision and help develop new insurance and risk-service offerings that can be sold to existing clients. Devise remediation plans for new consulting clients and industry groups
- Expand AIG's offering to encompass all aspects of risk management: how to avoid, prevent, mitigate, legally transfer, and financially insure new and emerging risks of hazards discovered in engagements
- Present high-level risk reviews and analyses to executive committees, industry leaders, privacy regulators, and national-security organizations
- Engage and support the underwriting team and brokers in cyber security education, thought leadership and sales training around service offering
- Develop and continually revise the risk engineering process
- Research, identify, evaluate, select, and negotiate with Partners to expand the value add services AIG brings to cyber risk management
- Identify consistent areas of weaknesses and work with internal resources and external resources to create solutions to improve our clients’ risk profile
- Conduct cyber risk advisory services and work with vendors and internal engineers to deliver fee generating services
- Work with data Analytics team to provide key analytics to AIG's client base
- Assist with product launches and public speaking engagements
- Assist with developing thought leadership materials
- 25% Travel Expectation
85
Consultant Cyber Risk Services Resume Examples & Samples
- Minimum 5 years business to business sales experience required, with at least three years banking industry experience
- Professional presentation and communication skills, both written and verbal are required with the ability to penetrate and establish relationships with prospects senior level executives
- Ability to develop and lead cross functional and virtual teams comprised of various areas of the firms
- Working experience in the area of compliance, internal audit or risk management in the financial services sector
86
Consultant, Cyber Risk Services Resume Examples & Samples
- Degree in accounting, engineering, business marketing, economics or related field, or equivalent industry experience is preferred
- Consultative selling skills and strong relationship building skills
- Strong analytical, writing and communication skills, meticulous, and capability to work independently
- Must be willing to travel extensively
87
Cyber Risk Assessment Specialist Resume Examples & Samples
- Defines, implements, and maintains the Cyber Risk Assessment Framework through understanding of regulatory controls requirements and industry standards
- Lead internal cybersecurity assessment and provide various maturity and impact analysis against established as well as emerging cybersecurity frameworks and trends. Publish observations and reports
- Lead global/cross-sectors working group to manage and respond to various external Cybersecurity risk assessments. Update and refine engagement model as applicable
- Prepare and advise senior leaders in managing information risk primarily from the regulatory perspective. Prepare them for various regulatory reviews from regulators such as OCC, PRA, CBI, FRB, SEC, HKMA, MAS
- Participate in various management committees and working groups to develop long-range and short-range IS risk management plans
- Lead and manage certification and attestation programs such as ISO 27001. Coach and train junior staff/s
- 6-8 years of work experience in Information Security, Compliance, IT consulting or Technology Audit. Experience in Risk Management, Information Security and Information Technology and/or Analytics preferred
- Understanding of global regulatory and legal requirements for cyber risk
- Bachelor’s degree in a related field or equivalent combination of education/experience. MBA preferred
- Previous experience performing internal and/or external audit/assessment coordination is an advantage
- Knowledge of technology, security risk and compliance best practices such as FFIEC, COBIT, ISO/IEC 27001/27002, and NIST Special Publications strongly preferred
- Ability to apply understanding of business processes and technical skills to successful completion of projects
- Excellent communication, written and oral, interpersonal and presentation skills to technical and business audiences in a constantly evolving environment
- Demonstrated experience in critical thinking and problem solving in high pressure situations
- Self-motivated, the ability to manage multiple projects under strict timelines, accepting ownership and accountability of the processes, multi-tasking skills, deliver on commitments, and a team player
- Professional certification desired: CISSP, CISM, CRISC
88
Cyber Risk Senior Associate Resume Examples & Samples
- Being recognized as an industry leader, providing and/or contributing to industry-leading practices in cyber-risk management and the financial services industry; and,
- Supporting large projects involving information security, technology risk management, cybersecurity or cyber-risk management
- Familiarity with common regulatory requirements such as OCC HS, FFIEC, GLBA, NY DFS etc. as well as industry frameworks such as NIST CSF, COBIT, COSO and PCI
- Experience designing KRIs and metrics to build risk reports for management
- Design and development of IT Risk and Cyber security programs using industry frameworks and methodologies
- Implementation and maintenance of enterprise-wide cyber risk governance frameworks
- Assessment of enterprise-wide business risks and cyber threats
- Development of detailed business risk scenarios and cyber threat models
- Design and implementation of cyber risk management controls
- Monitoring and reporting of cyber risks, threats and vulnerabilities
- Development, implementation and periodic testing of cyber resiliency plans; and,
- Use of tools and technology to provide data analytics and business intelligence on cyber threats, risks and vulnerabilities
- Managing and overseeing engagements
- Preparing concise and accurate documents, leveraging and utilizing MS Office and Lotus Notes to complete related project deliverables; and,
- Managing project financials in line with agreed-upon budgets
- Creating a positive working environment by monitoring and managing workloads of the team – balancing client expectations with the work-life quality of team members
- Providing candid, meaningful feedback in a timely manner to team members
- Keeping leadership and engagement management informed of progress and issues
- Lead project workstreams and associated staff on complex cyber risk management engagements