The Security Risk Assessments Senior Specialist plays a critical role in our expanding IT risk management practice, assessing information security risks and controls in various types of assessments.
Key Responsibilities:
* Conduct comprehensive assessments of information security risks and controls.
* Lead Proof of Concept (POC) exercises on new risk management software to evaluate its effectiveness.
* Develop and deliver training sessions and socialization meetings to educate users on best practices.
* Spearhead the implementation of risk management processes and technologies, ensuring seamless rollouts.
* Maintain assessment tools and risk registers to ensure accurate and up-to-date information.
Core Competencies/Skills:
* Demonstrated working knowledge of information security controls, risks, and best practices within a banking environment.
* Familiarity with commonly used banking applications, operating systems, and databases.
* Understanding of cloud-based applications and tools, including security controls specific to SaaS, IaaS, and PaaS solutions.
* Awareness of cyber security regulations and industry frameworks.
* Self-motivated and disciplined approach to learning and working, with a strong ability to adapt to changing circumstances.
* Capacity to work independently and collaboratively as part of a team.
* Excellent verbal and written communication skills.
* Highly developed sense of personal accountability and follow-through.
* Ability to prioritize multiple tasks, projects, and goals effectively.
Requirements:
* Bachelor's degree required; Master's degree preferred.
* Minimum 2-5 years of experience in Big-4 IT audit, assurance or consulting.
* Preferred background in Information Systems/Technology, Science, or Engineering.
* Exposure to and interest in computer science and associated subject matter.
* Active pursuit or possession of designations in information security and IT risk fields such as CISSP, CISM, CISA, CRISC.
This is an exceptional opportunity for a motivated and disciplined individual with a passion for information security risk management to contribute to our growing practice.