Financial Services Client
Office Status: Hybrid
- Evaluate third-party control effectiveness and review evidence of controls by applying audit, compliance, security, and regulatory framework knowledge and experience, including but not limited to: ISO 27001, SIG, SOC reports, as well as Privacy, Compliance, Business Resiliency, Cyber and other risk domains.
- Maintain up-to-date knowledge on cyber threats including those published by Threat Intel sources such as the Cybersecurity and Infrastructure Security Agency (CISA).
- Assist in responding to audits, penetration tests and vulnerability assessments.
- Assist with updating and creating departmental policies and procedures.
- Conduct technical compliance assessments of information systems in accordance with established standards.
- Assist with linking policy, standard operating procedures, controls, monitoring, and reporting with the goal of improving operations, compliance, and risk management.
- Knowledge of technology and security risk frameworks: COBIT, FFIEC, NIST, ITIL, COSO.