- Raleigh, NC, USA
- Permanent, Full time
- Credit Suisse -
- 20 Apr 19
Cyber Security Risk Assessor # 123847
We are part of the first line of defense within Credit Suisse, whose mission is to ensure to set the IT control objectives, measure effectiveness, and handle residual risks. You will be responsible for ensuring the CISO mission is realized for the Global Markets and the Investment Bank and Capital Market divisions of the Bank. The role will work with the CISO for GM, IBCM in the Americas. The role will encompass aspects of risk assessment, handling penetration testing, advising senior business partners and key projects on secure, successful delivery and challenging and driving the risk posture of the Bank. The CISO team operates globally, and you will support global initiatives.
- You will have the opportunity to contribute to a global - enterprise wide IT risk and security program covering all aspects of IT central services and infrastructure.
- You will lead, conduct, and/or coordinate risk and security assessment and risk opinion engagements, in domains of IT such as:
- Cyber Security
- Application Security
- Cloud Enablement
- Mobile technology
- Identity and Access Management
- Data Loss Prevention
- You will collaborate with key clients to collect information as required for assessments, concepts and reporting requirements and advise on strategy and key initiatives.
- You will work with IT & the business on controls to be implemented to ensure a secure, controlled and manageable risk environment.
- You will ensure clients are updated on any new IT risk management developments, such as new methodologies, policies, tools and/or services.
You will focus on setting information security control requirements and assessing the risk for IBCM and GM Divisions, including risk assessments required by regulators such as the Federal Reserve Bank of NY , Securities & Exchange Commission and the NYS Dept. of Financial Services.
Credit Suisse maintains a Working Flexibility Policy, subject to the terms as set forth in the Credit Suisse United States Employment Handbook.
- You are experienced in handling or conducting IT Security Audit or Risk Assessment - evaluating controls against attack vectors and propose remedial actions to mitigate risks.
- Do you have a deep knowledge and understanding of an enterprise IT environment and the principles of IT Risk and Security?
- You have prior experience in the different fields of Infrastructure Systems Management or Support (e.g. desktop, server, storage and networks), third party vendor assessments and/or Internet Facing Applications assessments is a plus.
- Do you have experience in security in at least 2 of the domains outlined above (Cyber Security, Application Security, Cloud Enablement, etc.)?
- Do you understand the Financial Services industry and associated regulatory environment? (advantage)
- Do you have information security or data privacy related studies, knowledge and certifications (e.g. CISSP, CISM or CISA)? (advantage)
For more information visit Technology Careers .