Cyber Security Assessor
The CISO department is part of the first line of defense with Credit Suisse, our mission is to understand the threat landscape, define key control requirements, review control effectiveness and ensure management of residual risk to ensure adequate security controls are in place for the protection of Credit Suisse technology environment.
This role specifically will cover our partnership with the central IT organization at the bank called Group Chief Technology Office (GCTO).The role will specialize in performing IT security risk assessments on existing or new information solutions. The role will encompass aspects of collaborating and advising partners on secure successful delivery of key technical solutions to ensure Credit Suisse maintains a controlled and manageable risk posture environment.
- You will have the opportunity to contribute to a global - enterprise wide IT risk and security program covering all aspects of IT central services and infrastructure services
- You will lead, conduct, and/or coordinate risk and security assessment and risk opinion engagements, in the areas of IT such as:
- Infrastructure Security
- Mobile Technology
- Virtualization and Cloud Enablement
- Identity and Access Management
- Application Security
The role will have a particular focus on the latest End User technologies such as Desktop Computers, Mobile Devices, VPN, VoIP, Cloud Enablement and other Collaboration technologies.
Credit Suisse maintains a Working Flexibility Policy, subject to the terms as set forth in the Credit Suisse United States Employment Handbook. You Offer
- You have demonstrable ability to collaborate with key clients to collect information as required for security risk assessments, concepts and reporting requirements and advise on strategy and key initiatives
- You have expertise working with IT & the business on security controls to be implemented to ensure a secure, controlled and manageable risk environment
- You have experience working closely with partners to ensure they are being kept updated on any new IT risk management developments, such as new methodologies, policies, tools and/or services
• You have experience in handling or conducting IT security risk assessments and providing risk opinions in IT domains, such as cloud, mobile, data loss prevention, identity and access management
• You have deep knowledge in cyber security best practices and standards including National Institute of Standards and Technology (NIST) publications
• You have demonstrable ability to work independently and in a team environment with minimal supervision
Nice to have:
• You have deep knowledge of financial services regulatory requirements
• You have a degree in Information Security or Data Privacy related studies
• You have Information Security Certifications, i.e. CEH, CISSP, CCSP (certification or equivalent)
• You have familiarity with reviewing penetration testing results and providing remediation or mitigation recommendations
• You have strong Microsoft Office skills to included, Word, Excel and PowerPoint
For more information visit Technology Careers .