Premier Employers are industry leaders that have forged exclusive partnerships with Meytier to forward our shared mission to offset bias in hiring, and are only visible to members of the Meytier community.
EXCLUSIVELY ON MEYTIER
You're in luck. This opportunity exclusively available through Meytier.
As a cybersecurity risk director, you will work closely with senior management, IT, legal, and business units to align cybersecurity risk strategies with business objectives, communicate cyber risk posture and exposure, and provide guidance and recommendations on cybersecurity best practices and solutions. You will also manage a team of cybersecurity risk professionals and foster a culture of cybersecurity awareness and resilience across the organization.
Key Responsibilities:
Lead and develop a dedicated team of risk managers and specialists for a consistent and effective support model.
Establish and lead a cybersecurity risk management process enabling senior management to continually identify, analyze, assess, and treat IT and cybersecurity-related risks. Translate cyber/technical IT risks into business risks and potential impacts.
Define key risk metrics, controls, and control tests to measure and assess current levels of cybersecurity risk.
Oversight and reporting of Risk Control Self Assessments, Targeted Risk Reviews, and issue management activities.
Providing day to day leadership to the business lines providing knowledge and expertise on the appropriate implementation of strategic plans, regulatory compliance, risk mitigation and industry standards.
Gaining visibility into detailed risk assessments and advises the business line on appropriate risk mitigation actions.
Advising on new processes / products, initiatives and strategies from a risk and control perspective; guiding the business lines through the various governance approvals related to new initiatives ensuring proper controls.
Acting as lead for exam for product / function under review and participating in all important interactions with the regulators.
Establishing and maintaining an effective business relationship with business partners, key project stakeholders, second and third lines of defense and subject matter experts to advise and support business initiatives.
Desired Profile:
10 years of experience in Cybersecurity and/or Information Technology
10 years of Risk Management experience gained from working in financial services industry, preferably in Cybersecurity/ Technology Risk or Operational Risk
Experience working with cloud computing related technologies including IaaS/SaaS/PaaS, DevSecOps, web application technology, operating system, database, and networking.
Familiar with network security, vulnerability management, identity management, API security, infrastructure, data loss prevention, incident and problem management, change management, cryptography, cloud security, configuration management, and other key areas.
Experience in an organization that is under strong regulatory oversight and scrutiny.
Intermediate knowledge of internal controls and risk self-assessment
Basic knowledge of business areas processes and/or products and operations; regulatory requirements; and key processes, controls, and exposure areas
Understanding of FFIEC guidelines and handbooks, GLBA, SOX, PCI
Knowledge of industry recognized frameworks such as ISO 27001, Cobit, COSO, ITIL, NIST 800-53, NIST Cybersecurity Framework
Ability to analyze and synthesize many risk data points and help the business to prioritize mitigation.
Ability to effectively communicate with all levels of the organization.
Project management skills to support multiple assignments on behalf of various stakeholders.
Leadership, coaching and staff development experience.
Certified Information Systems Security Professional (CISSP)
Certified Cloud Security Professional (CCSP)
Cloud security specialty certification in AWS and Azure
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Certified in Risk and Information Systems Control (CRISC).
Is this job not quite the right fit? No worries, Meytier has hundreds of active, open jobs. Browse more opportunities here. If you’d like to connect with a Meytier champion for help in your job search, create an account here.
{"group":"Organization","title":"Senior Risk Director- Cyber","skills":"<ul><li>10 years of experience in Cybersecurity and/or Information Technology </li><li>10 years of Risk Management experience gained from working in financial services industry, preferably in Cybersecurity/ Technology Risk or Operational Risk</li><li>Experience working with cloud computing related technologies including IaaS/SaaS/PaaS, DevSecOps, web application technology, operating system, database, and networking.</li><li>Familiar with network security, vulnerability management, identity management, API security, infrastructure, data loss prevention, incident and problem management, change management, cryptography, cloud security, configuration management, and other key areas.</li><li>Experience in an organization that is under strong regulatory oversight and scrutiny.</li><li>Intermediate knowledge of internal controls and risk self-assessment</li><li>Basic knowledge of business areas processes and/or products and operations; regulatory requirements; and key processes, controls, and exposure areas</li><li>Understanding of FFIEC guidelines and handbooks, GLBA, SOX, PCI</li><li>Knowledge of industry recognized frameworks such as ISO 27001, Cobit, COSO, ITIL, NIST 800-53, NIST Cybersecurity Framework</li><li>Ability to analyze and synthesize many risk data points and help the business to prioritize mitigation.</li><li>Ability to effectively communicate with all levels of the organization.</li><li>Project management skills to support multiple assignments on behalf of various stakeholders.</li><li>Leadership, coaching and staff development experience.</li><li>Bachelor’s Degree required; Master’s Degree preferred.</li><li>Relevant Certifications preferred:</li><li>~Certified Information Systems Security Professional (CISSP)</li><li>~Certified Cloud Security Professional (CCSP)</li><li>~Cloud security specialty certification in AWS and Azure </li><li>~Certified Information Security Manager (CISM)</li><li>~Certified Information Systems Auditor (CISA)</li><li>~Certified in Risk and Information Systems Control (CRISC) </li></ul>","zohoId":"","endDate":"2024-04-19T18:30:00.000Z","isDraft":false,"jobType":"Full Time","job_url":"2816-citizens-senior-risk-director-cyber","agencyId":1,"benefits":"","clientId":"35","location":[{"lat":41.8205199,"lon":-71.51261699999999,"zip":"02919","city":"Johnston","text":"Johnston, RI, USA","state":"Rhode Island","country":"United States","is_city":true,"is_state":false,"is_country":false,"state_code":"RI","countryCode":"US","isLocationSet":true,"nearByHexCodes":["842a331ffffffff","842a33dffffffff","842a335ffffffff","842a337ffffffff","842a333ffffffff","842a33bffffffff","842a339ffffffff"],"loc_h3_hex_res4":"842a331ffffffff","isLocationResolved":true}],"eeocFound":true,"maxSalary":"","minSalary":"","questions":[],"startDate":"2024-04-04T18:30:00.000Z","hiringSPOC":["User / Info not available"],"hiringTags":[],"onBehalfOf":"49","companyName":"Meytier","description":" ","isHybridJob":true,"isRemoteJob":true,"salaryRange":"","titleSkills":[],"otherCohorts":[],"benefitsFound":false,"hiringManager":["User / Info not available"],"maxExperience":15,"minExperience":10,"type_of_slate":"job","hiringFunction":["Technology & IT Delivery"],"isOnPremiseJob":false,"onBehalfOfName":"Citizens","otherlocations":[],"blindHiringMode":false,"experienceLevel":"Mid / Senior","numberOfOpenings":"1","otherCohortsName":"","responsibilities":"<ul><li>Lead and develop a dedicated team of risk managers and specialists for a consistent and effective support model.</li><li>Establish and lead a cybersecurity risk management process enabling senior management to continually identify, analyze, assess, and treat IT and cybersecurity-related risks. Translate cyber/technical IT risks into business risks and potential impacts.</li><li>Define key risk metrics, controls, and control tests to measure and assess current levels of cybersecurity risk.</li><li>Oversight and reporting of Risk Control Self Assessments, Targeted Risk Reviews, and issue management activities.</li><li>Providing day to day leadership to the business lines providing knowledge and expertise on the appropriate implementation of strategic plans, regulatory compliance, risk mitigation and industry standards.</li><li>Gaining visibility into detailed risk assessments and advises the business line on appropriate risk mitigation actions.</li><li>Advising on new processes / products, initiatives and strategies from a risk and control perspective; guiding the business lines through the various governance approvals related to new initiatives ensuring proper controls.</li><li>Acting as lead for exam for product / function under review and participating in all important interactions with the regulators.</li><li>Establishing and maintaining an effective business relationship with business partners, key project stakeholders, second and third lines of defense and subject matter experts to advise and support business initiatives.</li></ul>","extractedSkillIds":[],"maxSeniorityLevel":6,"minSeniorityLevel":3,"otherJobReference":"","sharpenedJobTitle":"Senior Risk Director- Cyber","job_category_group":"2","growthOppurtunities":[],"educationQualification":"Baccalaureate Degree","skillSenNormalizedTitle":"5__1__","extractSkillsFromHereToo":true,"normalizedTitleSkillsObj":{"normalizeTitle":"Senior Risk Director Cyber","allAlignedSkills":{},"detected_keywords":[],"extractedSkillIds":[],"maxSeniorityLevel":5,"detectedIndustries":{},"detectedOrgFunctions":{},"normalized_field_name":"title","detectedCertifications":{},"sortedAlignedSkillsObj":{},"skillSenNormalizedTitle":"5__1__","diversityMappedDescriptionSkillsByTitleFiltered":[]},"companyTeamJobIntroduction":"<p>As a Senior Risk Director within the Enterprise Technology & Security team you will lead our efforts to protect our organization from cyber threats. You will be responsible for developing and implementing a comprehensive cybersecurity risk management framework, overseeing the identification, assessment, mitigation, and reporting of cyber risks, and ensuring compliance with relevant regulations and standards.</p><p>As a cybersecurity risk director, you will work closely with senior management, IT, legal, and business units to align cybersecurity risk strategies with business objectives, communicate cyber risk posture and exposure, and provide guidance and recommendations on cybersecurity best practices and solutions. You will also manage a team of cybersecurity risk professionals and foster a culture of cybersecurity awareness and resilience across the organization.</p>","dNIEEOCTextFocusOtherControl":"<p>At Citizens we value diversity, equity and inclusion, and treat everyone with respect and professionalism. Employment decisions are based solely on experience, performance, and ability. Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression (including transgender individuals who are transitioning, have transitioned, or are perceived to be transitioning to the gender with which they identify), genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague’s or a dependent’s reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws.</p>","expertise_coreskill_or_product":["risk management"],"displayJobDescriptionSimpleForm":true,"expertise_coreskill_or_product_id":["i10610"],"job_id":"2816"}
