Description

  • Perform application security reviews, typically involving Cloud Providers using a standard methodology such as OWASP
  • Perform information security risk assessments for new vendors and critical vendors. Interpret, identify, and mitigate critical risk factors in a timely manner. Track, measure, report, and evaluate vendor performance using a risk-based approach
  • Perform ad hoc analyses and participate in special projects as needed by management

 

KNOWLEDGE AND EXPERIENCE

  • 5+ years' demonstrable experience in a role performing technical analysis with an Information Security component, ideally with a focus on Application Security Risks (ideally OWASP) and a particular focus on Cloud Providers
  • 5+ years' experience with technical security concepts such as networking, LINUX/UNIX, Windows or CITRIX, ideally with knowledge of networking from a Public Cloud perspective and hands-on experience of AWS, MS Azure or Google Cloud
  • Strong understanding of the Shared Assessment methodology
  • Solid understanding of security tools (e.g., vulnerability scanners, firewalls, IDS/IPS, AV software) preferred
  • Requires strong analytical skills, problem solving skills, and project/program management skills
  • Solid training in computer disciplines such as application and data security, computer technology or software disciplines
  • Demonstrated ability to perform Vendor Risk assessments through on-site visits and reviewing SSAE18s
  • Solid understanding of the banking industry’s regulatory requirements for managing third parties (e.g., FFIEC)
  • Experience working with legal or sourcing as part of contract design to include key provisions for Vendor Risk Management
  • Excellent written and verbal communication skills in both French and English
  • Proven ability to manage issues through to resolution; skilled at making judgment calls
  • Ability to successfully multitask and complete difficult assignments with deadlines which may have short lead times

EDUCATION/CERTIFICATIONS

  • Bachelor's degree or equivalent business experience in Computer Science, Business Management, or MS required
  • Certified training in transversal technical topics, security management, risk and compliance solutions and practices
  • CISSP, CCSP, CISA, CTPRA, or related certification(s) preferred

Education

Bachelor's Degree