Cybersecurity Risk Expert
As a Cybersecurity Risk Assessor within the global Chief Information Security Office (CISO), you will focus on managing information security risk for the Investment Bank and the US Legal Entities. Your responsibilities will include setting information security control requirements and assessing risk for critical applications in the bank while factoring regional regulatory requirements. You will implement in-depth security assessments, including Cloud technologies, to identify and manage thematic risks, provide cyber & information security consultancy and standard methodology advice for technology and business areas and have opportunities to improve our assessment methodologies and processes in close collaboration with other business partners in the CISO organization.
Your future colleague
The CISO team is part of the first line of defense in Credit Suisse, whose mission is to ensure IT control objectives are set, efficiency is measured, and residual risks are handled. Applicant will be responsible for ensuring the CISO mission is realized for the Investment Banking Division as well as the US legal entities of the Bank. The role will encompass broad aspects of risk management, advising senior business partners and key projects on secure/successful delivery and challenging/driving the risk posture of the Bank. The CISO team operates globally and you will support global initiatives. We are a department which values Diversity and Inclusion (D&I) and is committed to realizing the firm's D&I ambition which is an integral part of our global cultural value
Your skills and experience
We are looking for an individual who is expert and passionate about Information and Cybersecurity. The role will require refined analytical skills and the ability to identify aggregate risks and how it may affect the bank's overall risk appetite. Qualifications include:
- Bachelor degree in IT Security or related field
- Preferred 3-4 years broad experience in cyber / information security, ideally within a large organization
- Professional certifications in cyber / information security (e.g. CISSP / CISA / CISM)
- Information Security audit or risk assessment experience in complex IT environments, including Cloud technologies
- Knowledge of the financial industry and associated regulations with respect to information and cybersecurity requirements
- Deep knowledge and understanding of Enterprise IT and the principles of IT Risk/Security
- Understanding of NIST Cybersecurity Controls and related frameworks
- Experience in evaluating controls against attack vectors and propose remediation actions to mitigate risks
- Excellent analytical and problem solving skills
- Excellent team and interpersonal skills
- Excellent written and verbal communication (presentation) skills
- Strong project management skills
- Ability to work independently with minimal supervision
- Dedication to fostering an inclusive culture and value varied perspectives.