Business Unit Risk Specialist providing risk management expertise and support in financial institution. Engaging with stakeholders for compliance with risk program requirements across Business Unit.
About the role
- Assistant Vice President II assessing IT security threats at AIG. Collaborating with various teams to identify and improve security measures across IT systems.
Responsibilities
- Identify vulnerabilities, exploit weaknesses, and challenge assumptions within security protocols
- Enable the organization to understand potential threats from an attacker's perspective
- Replace and extend current manual processes through automation or other appropriate techniques
- Develop and implement additional risk and performance metrics
- Design and supervise implementation of data quality controls and workflows
- Improve vulnerability discovery and risk-based prioritization models
- Collaborate on event management and treatment of emergent vulnerabilities
- Engage with peers in various teams to identify and pursue additional opportunities for improvement
- Collaborate with data integration/analytics team to integrate additional findings and finding types into the vulnerability data model
Requirements
- 5+ years of IT systems engineering or IT security engineering experience
- Bachelor's degree in computer science or cyber security is preferred
- Proven experience in secure design and operations of IT systems
- Cloud (Azure, AWS, GCP) security testing experience preferred both offensive and defensive
- Web API / web service dev/ops or API security experience
- Strong communicator, both verbal and written
- Commitment to advancing skills in the IT risk/security field
- Demonstrated success leveraging scripting and automation skills to improve IT processes and workflows
- Excellent problem-solving abilities and analytical mindset
- Demonstrated understanding of computer engineering fundamentals including familiarity with common offensive and defensive tactics
- Proven success in challenging operational environments including dealing with change, ambiguity and competing priorities
- Risk management experience a plus
- Web development or reversing or exploitation experience preferred
- Familiarity with IP stack and related protocols a must
- Familiarity with web services, servers and related protocols a must
- Experience in one or more of Linux, Windows, Active Directory, Azure Directory, O365
- Familiarity with one or more of BurpSuite, PostFix, Mulesoft or other API proxies, is a plus
- Familiarity with data integration systems and concepts is a plus
- Incident handling/response, malware analysis, adversarial emulation, and offensive skills are a plus
- OSCP, OSWE or OSCE certifications or equivalent demonstrated skills are a strong plus
Benefits
- Competitive benefits package
- Total Rewards Program focused on health, wellbeing, and financial security
- Professional development opportunities
- Bonus eligibility
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Risk & Assurance Manager at ICRC ensuring effective risk management and compliance across humanitarian programs. Identifying, assessing, and mitigating risks in complex environments.
Risk Analyst exploring data for business decisions at a digital fintech in Uruguay. Key responsibilities include data analysis, trends identification, and collaborative product design.
Analyst, Data Governance at Goodwin collaborating with teams to assess and enhance data governance practices. Handling data quality, master data management, and analytics implementations in a global environment.
Director of Culture Enablement & Governance at TIAA overseeing operations and cultural transformation initiatives. Providing consulting and governance frameworks for effective talent management and business operations.
Risk Solutions Development Manager ensuring project alignment with BBVA's strategies and delivering value. Leading agile teams and managing product backlog for successful project execution.
Senior Property Risk Consultant at HUB International advising clients on managing property risks and advocating with carriers. Conduct assessments across diverse portfolio with technical expertise and industry knowledge.
Senior Consultant responsible for assessing and remediating supplier Cyber health risks at CIBC. Working closely with Third Party suppliers and business stakeholders in a hybrid role.
Senior Associate specializing in privacy law and data protection at PwC. Focus on implementing data governance and quality processes to support organizational standards.
Director of Risk Management leading Office of Risk Management activities in India. Providing governance and oversight for enterprise risk management across the region.