DescriptionJoin our dynamic team to navigate complex risk landscapes and fortify technology governance, making a pivotal impact in our firm's robust risk strategy.
As a Tech Risk & Controls Senior Associate in the Corporate Technology Identity & Access Management team, you'll be at the forefront at keeping us compliant with cybersecurity requirements while enabling the implementation of the Firm's strategic vision. Key responsibilities include managing privileged access for Corporate Technology, and addressing compliance and audit requirements by ensuring strategic solutions are implemented to manage risk within tolerance. This role will be responsible for building relationships and communicating with internal teams while driving compliance. We are looking for an individual with strong analytic and collaborative skills who has the ability to manage multiple levels of responsibility.
Job Responsibilities
- Proactively monitoring and acting on Key Risk Indicators to identify non-compliance and drive remediation to address security, risk and control gaps
- Serve as the subject matter expert for privileged account and host management
- Analyze large amounts of data to facilitate decision making
- Collaborate with Application Owners and stakeholders on firm-mandated GIAM initiatives
- Interact with Technology Leadership, Product Owners, and Application Development teams on an on-going basis for business as usual remediation, risk activities, reporting and project initiatives
- Line of Business Communications for changes impacting the application teams
- Add to team culture of diversity, equity, inclusion, and respect
Required Qualifications, Capabilities, and Skills
- 3+ years of experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on risk identification, assessment, and mitigation
- Experience in Identity & Access Management and/or Technology Risk Management required
- Knowledge of Cyberark Products, Sophia, gMSA
- Strong understanding of platform, database and domain access
- Ability to manage multiple tasks simultaneously
- High level of energy and can work under pressure with minimal supervision
- Advanced Excel skills
- Excellent verbal and written skills are critical since this job primarily entails communicating technical information to both technical and non-technical audiences
- Strong interpersonal skills to manage relationships with a variety of partners and stakeholders
- Self-motivated & confident with the ability to demonstrate leadership, challenging and influencing change where necessary
- Working knowledge on R-SAM/ServiceNow/JIRA
Preferred qualifications, capabilities, and skills
- CISM, CRISC, CISSP, or other industry-recognized risk and risk certifications