Cybersecurity, Sr. Consultant - Regulatory, Audit, & Compliance
About the position Responsibilities
- Oversee and manage audits, compliance, and regulatory activities related to Cybersecurity, including FBA/FFIEC, Bank of England, other regulators, GLBA, SSAE16/ISAE3402, SOC 2, PCI-DSS, Sarbanes-Oxley (SOX), internal audits, ISO, NIST, COSO, COBIT, and customer/client inquiries.
- Collaborate with various functions such as corporate compliance, internal audit, enterprise risk management, regulatory risk, and technical teams to facilitate audit, regulatory, and compliance practices for information security.
- Promote proactive readiness activities and enhance information security based internal controls to support future reviews.
- Leverage Artificial Intelligence tools or other automation tools to improve efficiency and productivity in audit and compliance processes.
- Develop comprehensive risk management reports, including dashboards, metrics, and executive summaries.
- Advise Cybersecurity leadership on the status of technology risk and compliance issues, based on assessment results and information from various monitoring and control systems.
Requirements
- 8+ years of relevant work experience with a Bachelor's Degree or at least 5 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 2 years of work experience with a PhD, OR 11+ years of relevant work experience.
- 9 or more years of relevant work experience with a Bachelor Degree or 7 or more relevant years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 3 or more years of experience with a PhD.
- Bachelor's degree in Computer Science, Information Systems, Management Information Systems, or Business Administration or another related field.
- 8-10 years of leadership experience in Information Security, Audit, Risk, and/or Compliance.
- 6+ years direct participation and experience across common industry security policy areas, including PCI-DSS, ISO, NIST, COSO, COBIT, FFIEC, SOX, SSAE16/ISAE3402, SOC 2 and others.
- Proven experience collaborating with multiple stakeholders on both internal and external delivery and communication initiatives.
- Ability to synthesize diverse data points, solve problems, and develop comprehensive and effective execution and risk mitigation plans.
- Strong executive presence and exceptional communication skills, with experience in audit, compliance, regulatory discussions, and proactive readiness activities with internal partners and external clients.
- Capability to influence beyond the immediate team and engage with more experienced or senior individuals.
- Must be highly flexible and able to manage multiple tasks and priorities under tight deadlines.
- Data Analysis skills using Microsoft Excel, SQL, or other scripting languages.
- Broad and deep experience across PCI standards (DSS, PIN, P2PE, Token etc.) with the ability to apply the standards with confidence across different organizational contexts.
- Previous experience in implementing or managing Governance, Risk, and Compliance (GRC) tools, as well as developing dashboards and creating tools to automate tasks in order to enhance efficiency.
- CISSP, CISA, CISM, CEH, PCI QSA/ISA Certifications preferred. Nice-to-haves
- Advanced Degree (e.g., Masters, MBA) in related field.
Benefits
- Medical
- Dental
- Vision
- 401 (k)
- FSA/HSA
- Life Insurance
- Paid Time Off
- Wellness Program Apply tot his job Apply tot his job
Apply tot his job Apply To this Job