
Security Consultant :: Hybrid in MA or NJ or FL or TX :: USC or GC Only at Remote, Remote, USA
Email: [email protected]
From:

Sonali Gupta,

Kpg99

[email protected]

Reply to:   [email protected]

Hey,  

Please read the requirement below and share your resume; if interested, please also let me know your visa status and current location.

Role                      : Senior Security Consultant

Location               : Hybrid in either Boston, Miami, NJ, TX, NY office, 2-3 days

Duration               : 3 month temp to perm (USC or Green card, must convert, want perm but going this route) Need to be fully invested in going perm and agree from first interview

Interview              : 3 interviews

USC & GC Only

Job Description:

Need Risk management First line or second line

Cloud background, AWS, Azure, GCP

Understand risk management framework: Cloud Security Alliance, cloud control matrix, etc.; need a framework for risk assessment

Need to be in the risk assessor domain but know how to figure IT solutions

Most important:

1. Risk Management skills: understanding of basic IT and InfoSec risk management frameworks such as ITIL, NIST, Cloud Security Alliance, CCM (Cloud control matrix). Typically the first question they ask: if I asked you to assess the risks on the digital banking platform on the cloud, what would be your first step?

2. Strong IT background

3. Cloud experience and/or certifications: have you been involved in a solution that's hybrid cloud/on-prem and done risk assessments on an asset management deployment that connects asset management in the cloud to the existing risk management solution? They should be able to understand the cloud from that perspective, not setting up the cloud or more in-depth technology responsibilities.

Big 4 consulting experience is a plus because he understands he probably won't get that for this rate.

Description:

The Senior Associate will be part of a dedicated team and execute against IRM strategy and conduct independent risk assessments/review and challenge on technology, fraud, payments, and third-party projects/processes/controls for a new digital bank platform being deployed both on-prem and in the AWS cloud. This role is expected to be able to lead assessments, identify and assess risks, document findings and opinions, and report and escalate as necessary to executive management or corporate risk partners. This role will need to work in close partnership with all lines of internal risk management peers including other first line of defense teams, corporate risk functions and internal audit. This role requires a combination of financial services (ideally US banking) risk management and cloud technology experience and expertise.

Responsibilities:
Identifying risks and requirements related to regulations and policies
Mapping risks and requirements to product functionality and processes
Reviewing configuration, controls and mitigation activities against risks
Assessing testing designs and approach and review test result output
Preparing materials for risk and compliance governance meeting review and signoff
Manage delivery timelines and develop materials to ensure IRM independent opinion appropriately represented during committee meetings, external exams and internal audits.
Ensure all activities and deliverables achieve their timeliness, quality and accuracy service levels.
Help keep CIRO informed on status of program execution and emerging risks.
Ensures a sound operational and compliance control environment through establishment of a system of internal controls.
Continuously monitor sources of risk within LOB KRIs, KPIs, QC functions, control testing, losses, fraud, incidents, and industry events. Identify control and policy/procedure updates.
Drive, track and report on issue identification and remediation.
Support process for constructive engagement with the Second and Third Lines of Defense regarding differences or conflicts in operational risk appetite, risk metric determination or evaluation, issue severity or other areas of dispute.

QUALIFICATIONS:
Education: Bachelor's degree or equivalent work experience in Accounting, Business, Statistics, Risk Management, Information Systems/Security, Finance, Economics or equivalent field.
7 years of Technology Risk Management, GRC or Audit experience
Practical experience using industry frameworks such as COBIT, ITIL, NIST 800-53, CSA-CCM v4, FedRAMP, CIS Benchmarks to identify, assess, mitigate and report information and operational risk.
Minimum 2 yrs. of Cloud experience (adoption, implementation) in AWS, Azure, GCP is a must; AWS preferable.
Experience working directly in one or more of these Cloud domains - Solutions Architect, DevOps, SysOps or Data Engineering - is highly desirable. Should have working knowledge of services such as or equivalent to AWS EC2, API Gateway, CodeCommit, CodePipeline, Lambda, S3, RDS, VPC, ELB, Route53, Auto-Scaling, IAM through AWS Console and CloudFormation.
Fundamental understanding of Cloud architecture's controls and risks from hands-on practical experience is a must.
AWS-Certified Cloud Practitioner foundational certification or equivalent for other Cloud platforms is highly desired; higher certification levels, a strong plus.
AI/Machine Learning knowledge a plus
Risk Certification preferred, i.e. CRISC, CISM, CISA, etc.
Demonstrated knowledge of operating in a regulated entity preferably a bank
Drive results and meet deadlines to reduce risks in a fast-paced environment with minimal supervision.
Analyze highly complex business issues and produce results, opinions and recommendations that are conveyed in an easy-to-understand manner.
Strong ability to lead partners and influence across all leadership levels.
Excellent communication skills, including an ability to influence stakeholders across the organization, to speak effectively in small and large-group settings, and to write clearly in internal memos, presentations and e-mails.
Strong attention to detail in a fast-paced work environment.
Fully accountable for timeliness, completeness, quality of projects, processes, products and services.
Remains calm and focused on goals while facing pressures, obstacles or short-term setbacks.
Keeps up to date with external market events, pressures and regulations which may impact the organization and assesses whether similar issues exist in the organization.
Monitors adherence to policies, regulations, processes and procedures within function and actively undertakes corrective action where necessary.
Understands end to end processes across the organization and how processes are integrated.

12:09 AM 31-Jan-24

