CISO CTO Senior Risk Advisor # 106735
The CISO team is part of the first line of defense within Credit Suisse, whose mission is to ensure IT control objectives are set, effectiveness is measured, and residual risks are handled. You will be responsible for ensuring the CISO mission is realized for the IT Infrastructure and services division of the Bank, known as GCTO. The role will work with the CISO for GCTO Americas. The role will encompass aspects of risk assessment, leading penetration testing, advising senior business partners and key projects on secure, successful delivery and challenging and driving the risk posture of the Bank. The CISO GCTO team operates globally, and you will support global initiatives.
- The opportunity to contribute to a global - enterprise wide IT risk and security program covering all aspects of IT central services and infrastructure.
- Lead, conduct, and/or coordinate risk and security assessment and risk opinion engagements, in the areas of IT such as:
- Cyber Security
- Network Security
- Infrastructure and Hosting Security
- Cloud Enablement
- Mobile technology
- Identity and Access Management
- Privileged Access Management
- You will collaborate with key clients to collect information as required for assessments, concepts and reporting requirements and advise on strategy and key initiatives.
- You will work with IT & the business on controls to be implemented to ensure a secure, controlled and manageable risk environment.
- You will assure that the client is being kept updated on any new IT risk management developments, such as new methodologies, policies, tools and/or services.
Credit Suisse maintains a Working Flexibility Policy, subject to the terms as set forth in the Credit Suisse United States Employment Handbook.
- You have a Degree in Computing, Information Systems or related discipline.
- Do you have an experience in handling or conducting IT Security Audit or Risk Assessment - evaluating controls against attack vectors and proposes remedial actions to mitigate risks?
- You have a deep knowledge and understanding of an enterprise IT environment and the principles of IT Risk and Security.
- Your prior experience in the different fields of Infrastructure Systems Management or Support (e.g. desktop, server, storage and networks), third party vendor assessments and/or Internet Facing Applications assessments is a plus.
- Do you have an experience in security in at least 2 of the domains outlined above (Cyber Security, Network Security, Cloud Enablement, etc.)?
- You have an excellent analytical and problem solving skills.
- You have an excellent written and verbal communication skills.
- Do you have an excellent team and inter-personal skills?
- Ability to work independently with minimal supervision.
- Understanding of the Financial Services industry and associated regulatory environment preferred.
- Information security or data privacy related certifications (e.g. CISSP, CISM or CISA).
- Information security or data privacy related studies and diplomas are an advantage.
For more information visit Technology Careers