Job Description

Our Information Security professionals are passionate about information security and control solutions for computing environments. While managing a world-class team of technology experts, you'll partner with one or more disciplines, lines of business, regions or locations to respond to evolving business requirements and emerging threats. You'll also leverage your expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT operations across the firm. Responsibilities include offering guidance, best practices and support across businesses, leading risk reviews and vulnerability assessments, identifying threats, communicating with senior leaders and other stakeholders, and managing budgets.

Responsibilities include:

* Articulate a coherent end-to-end picture of risk and control including risk scenarios, policies and standards, control assessments and measurements, issues and breaks.
* Drive content into relevant GRC processes related to the above areas.
* Drive a risk mitigating culture within GIAM aligned to proactively identify, assess, and manage risks within technology and services.
* Develop an integrated technology control framework maintaining the appropriate balance between risk mitigation, product growth, and financial returns.
* Promote innovation within the technology control environment driving control optimization, process efficiency, and improved client experience.
* Strengthen the GIAM control environment through education, collaboration, and oversight.
* Collaborate with Audit, Information Risk Management, business control functions, and the GIAM teams to drive transparent, measurable, and sustainable control improvements.
* Partner closely with business and technology stakeholders providing clear direction and guidance to manage risks, optimize returns, and enhance the client experience.
* Proactively work with technology and product managers to identify potential issues and ensure effective remediation.
* Provide leadership and advise on material remediation activities ensuring appropriate resolution of issues.
* Proactive engagement with other LOB Technology Control Officers and IAM Leads.
* Active engagement in risk assessments and control substantiation.
* Collaborate with ADMs/AOs on Internal Audits, SSAE16, SOX, and regulatory assessments.
* Support Risk & Control Self-Assessment (RCSA) process ensuring issues and related action plans are timely documented, assigned, and resolved.
* Drive the Technology Control education agenda.
* Lead Technology Control forums across relevant areas.
* Ensure escalation of material issues to senior management.

This role requires a wide variety of strengths and capabilities, including:

* Bachelors degree or equivalent experience
* 10+ years of technology leadership experience.
* Strong leadership skills with exceptional verbal and written communication and presence. Strong ability to articulate ideas and results in a meaningful and actionable manner
* Strong interpersonal skills, exceptional relationship building and influencing skills and ability to effectively partner with all levels of management across numerous teams to help drive the control agenda
* Flexible, adaptable to shifting priorities; eagerness to work in a fast-paced, results driven, highly dynamic environment
* Demonstrated analytical and problem solving skills.
* Advanced knowledge of multiple IT control and project management practices, and experience working across large environments
* Ability to collaborate with high-performing teams and individuals throughout the firm to accomplish common goals
* Expertise in application and infrastructure high-availability and resiliency architectures with demonstrated experience in business
* Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management and data protection.
* Experience with Identity Access Management, technology security, risk, and audit experience.
* Experience in management consulting desirable.
* Familiarity with ITIL Framework and process.
* Experience working with geographically dispersed and culturally diverse teams.
* Proficient with multiple technologies and architectural design principles.
* Proven ability to build strong partnerships with colleagues, desire to learn quickly, be flexible and think strategically.
* Experience in business process analysis, documenting gaps and process standardization.
* Experience identifying strategic improvements and delivering measurable change.
* Certifications such as CISSP, CISM, CRISC, CISA are preferred.
* Experience working in a Cloud Computing environment is a plus.