• Advises cross-functional teams on technology selections and decisions to achieve target state cybersecurity on improvements to current cybersecurity parameters
• Develops multi-year roadmaps aligned with business and architecture strategy and priorities
• Provide Regulatory & Industry Assessment Expertise. Provide subject matter expertise in regulatory assessments, ensuring that the organization adheres to applicable frameworks such as SOX, PCI DSS, GLBA, SOC1/2, and other relevant standards. Lead efforts to ensure audit compliance with Information Technology General Controls (ITGC) testing methods and facilitate assessments of our practices overall. Oversee the evaluation and design of assessment frameworks methodologies in partnership with various stakeholders, and processes to ensure consistent, efficient, and high-quality outcomes.
• Serve as a Strategic Risk & Control Advisor. Partner with senior stakeholders to provide risk-based guidance on control design, operational effectiveness, and audit preparedness. Lead efforts to enhance the firm’s risk assessment and control environment, identifying areas of improvement and advising on control implementation to mitigate regulatory risks. Monitor regulatory trends and audit findings to proactively address emerging risks and influence control strategies across the enterprise.
• Drive Program Execution & Governance. Influence efficient and effective execution of assessment programs, ensuring alignment with organizational objectives, risk appetite, and regulatory compliance. Establish audit readiness programs, ensuring the continuous enhancement of the firm’s control environment and audit documentation process. Lead the governance of issues raised from our assessments, tracking concerns, and resolution of findings, and ensure timely and effective closure of identified control deficiencies.
• Creates complex and scalable coding frameworks on the public cloud for new system design patterns and process templates
• Develops secure and high-quality production code and reviews and debugs code written by others
• Serves as the function’s go-to subject matter expert and drives thought leadership within the product line
• Creates durable, reusable software frameworks that improve velocity and quality of output across teams and functions

Required Qualifications

​

• Formal training or certification on cybersecurity concepts and 10+ years applied experience
• Hands-on practical experience in cybersecurity architecture that can be applied and reused across businesses, functions, and systems
• Fluent in one or more programming languages
• Deep knowledge of one or more software or applications
• Experience in audit, risk management, or compliance, with deep experience leading audit functions within a large organization.
• Demonstrated expertise in risk management frameworks, industry standards, and regulatory requirements relevant to the financial industry
• Extensive knowledge of audit principles, regulatory standards (SOX, PCI DSS, GLBA, SOC), IT General Controls, and best practices for audit readiness.
• Proven ability to lead large teams, manage cross-functional projects, influence executive-level strategic decision-making, and effectively translate technology insights to business strategy in communications with senior executives
• Proven experience managing relationships with internal and external auditors and leading large-scale audit and assessment programs.
• Advanced knowledge and experience leading data security, risk assessment & reporting, and control evaluation, design, and governance, with a track record of implementing effective risk mitigation strategies.
• Experience applying expertise and new methods to determine solutions for complex architecture problems in one or more technical disciplines

​

Preferred Qualifications

​

• CPA, CIA, CISA, or other relevant certifications preferred.
• Experience with GRC tools, audit management platforms, and data analytics to enhance audit efficiency and insight.

NA