- Travel to vendor locations for on-site assessments
- Interface with enterprise sourcing, technology risk management, business teams and engagement management on vendor cyber security issues identified
- Review and challenge vendor evidence for issue closure
- Assist in the design and implementation of Cyber TPG related processes and tools
- Define and create relevant metrics, presentations and reports
- Review the cyber related attestations by third parties such as SOC2 and ISO 27001 and report any observations for further review and tracking
- Review vendor risk reports created by internal and external entities for impacts to cyber security
- Keep up to date on the latest trends, methodologies and tools related to third party
- Interface with industry coalitions working on third party cybersecurity issues
Qualifications
- Bachelor’s degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred. Industry certifications such as CISSP or CISM a plus
- 10+ years of experience in cyber security related activities required
- Firsthand experience in performing control-level technical cyber risk assessments
- In-depth technical knowledge in 1-2 cyber domains
- Experience in the securities or financial services industry is a plus
- Experience in third party governance and related tools is strongly desired but not required
- Ability to manage multiple projects and priorities
- Familiarity with various global regulations and industry standards concerning cyber security
- Strong verbal and written communication skills
Maintains the effectiveness of enterprise-wide information security strategy including related programs, processes and initiatives. May allocate/coordinate work within a team/project. Assists in the development, implementation and enforcement of corporate-wide security policies, procedures and standards. Assists in consulting with the business and operational infrastructure personnel regarding new and existing technologies and appropriate security architectures, practices and procedures. Reviews and analyzes more complex data and information to provide insights, conclusions and actionable recommendations; produces advanced reports, analyses, findings, etc. Works closely with IT infrastructure and software engineering applications development to ensure integrity of security procedures, systems, and policies. Works with developers to ensure proper completion of all risk assessments within policy and procedures. Contributes to the achievement of related teams’ objectives.
Bachelor’s degree in computer science or a related discipline, or equivalent work experience required. 6-8 years of experience in information security or related technology experience required. Experience in the securities or financial services industry is a plus.
BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer. Minorities/Females/Individuals with Disabilities/Protected Veterans. Our ambition is to build the best global team – one that is representative and inclusive of the diverse talent, clients and communities we work with and serve – and to empower our team to do their best work. We support wellbeing and a balanced life, and offer a range of family-friendly, inclusive employment policies and employee forums.