FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.
ATS Keywords
Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills
risk assessmentscontrol evaluationsinformation securityidentity and access managementapplication securitycloud securityvulnerability managementincident responserisk management frameworksanalytical skills
Soft Skills
independent judgmentprofessional skepticismproblem-solvingdecision-makingwritten communicationverbal communicationinfluencing stakeholdersleadershipmentoringrelationship building
Certifications & Qualifications
CISSPCISACRISCCISM
Industry Keywords
NISTFFIECPCIregulatory requirementsSecond Line of Defenseauditfinancial servicesrisk culturegovernancecontrols
Tech Stack
Tools & technologiesCloudCyber Security
About the role
Key responsibilities & impact- Provide independent oversight and credible challenge across Technology and Information Security domains including governance, controls, risk assessments, metrics, and issue management.
- Perform risk-based assessments to identify control gaps, thematic risks, and emerging threats.
- Develop independent risk opinions supported by analysis, evidence, and professional judgment.
- Evaluate alignment with applicable laws, regulations, and industry frameworks (e.g., NIST, FFIEC, PCI).
- Partner with business and risk stakeholders to support the implementation and maintenance of effective risk management frameworks.
- Identify gaps in processes, systems, controls and drive solutions to minimize risk exposure.
- Ensure risks are actively identified, monitored, escalated, and remediated as appropriate.
- Influence policies and procedures to strengthen the control environment and reduce regulatory risk.
- Build and maintain strong relationships with First Line stakeholders while maintaining independence and objectivity.
- Provide clear, concise, and executive-ready communication of risk posture, key issues, and trends.
- Engage senior leadership to support risk-informed decision making.
- Translate complex technical risks into actionable business insights.
- Lead, coach, or mentor risk and security professionals; support talent development and team capability.
- Contribute to strategic initiatives impacting enterprise technology, security and risk programs.
- Act as a subject matter expert on technology and cybersecurity risk and regulatory expectations.
- Promote a strong risk culture emphasizing accountability, transparency, and continuous improvement.
Requirements
What you’ll need- Bachelor's degree, or equivalent work experience
- Typically more than 10 years of applicable experience
- Advanced knowledge of information security domains (e.g., identity and access management, application security, cloud security, vulnerability management, incident response)
- Strong understanding of regulatory requirements and industry standards (e.g., NIST, FFIEC, PCI, and risk management frameworks)
- Experience performing risk assessments, control evaluations, and oversight activities
- Advanced understanding of business operations, systems, and associated risks and controls
- Ability to operate independently with strong judgment and professional skepticism
- Strong analytical, problem-solving, and decision-making skills
- Excellent written and verbal communication skills, including executive-level messaging
- Proven ability to influence stakeholders and challenge effectively without direct authority
- Strong leadership and management skills across people, processes, and projects
- Experience operating within Second Line of Defense, audit, or regulatory environments
- Relevant certifications (e.g., CISSP, CISA, CRISC, CISM) preferred
- Advanced knowledge of regulatory environment and trends in financial services
Benefits
Comp & perks- Healthcare (medical, dental, vision)
- Basic term and optional term life insurance
- Short-term and long-term disability
- Pregnancy disability and parental leave
- 401(k) and employer-funded retirement plan
- Paid vacation (from two to five weeks depending on salary grade and tenure)
- Up to 11 paid holiday opportunities
- Adoption assistance
- Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law
