Assessments & Exercises Vice President - 3rd Party Resiliency

Contribute to leading-edge security and resilience efforts, advancing protective strategies and propelling continuous improvement.

As an Assessments & Exercises Vice President in the Cyber and Tech Controls line of business, you will contribute significantly to enhancing the firm's cybersecurity or resiliency posture by using industry-standard assessment methodologies and techniques to proactively identify risks and vulnerabilities in people, processes, and technology.

Design and deploy risk-driven tests and simulations (or manage a highly-skilled team that does) and inform analysis to clearly outline root-causes.

In this role, you will evaluate preventative controls, incident response processes, and detection capabilities, and advise cross-functional teams on security strategy and risk management.

In this role you will work within the Governance, Strategy & Transformation team for Firmwide Technology Resiliency , interfacing closely with the firm's most senior technology, cybersecurity, and business leaders to pinpoint areas of emerging risk, drive development of new controls, processes, & tooling, and ultimately build both medium & long-term strategy to chart the course for the FTR organization and ensure ongoing delivery across the firm.

Job responsibilities


* Drive 3 rd Party Resiliency Requirements and controls disposition with the 3 rd Party Assurance team


* Work with the 3rd Party Escrow program to asses risk posture and governance processes


* Track and refine the strategic priorities for the 3 rd Party program across the FTR organization, liaising closely with the wider FTR, 3 rd Party Oversight and 3 rd Party Assurance team and senior business and technology leaders where required


* Work across the FTR organization to drive the overall stakeholder engagement strategy, core process uplift activities, and risk management practices


* Partner closely with Cybersecurity, Technology, and Business Resiliency leadership to build and sustain strong partnerships across Cybersecurity, Technology, Product Management, Operations, Business Resiliency, Third Party Oversight, Risk & Compliance teams to drive program maturity and development of meaningful measurements to communicate ongoing status/progress


* Deliver clear and efficient responses to regulatory and firmwide requests for information


* Create executive content for senior stakeholders in a clear and concise way to drive consistent governance


* Design and execute testing and simulations - such as penetration tests, technical controls assessments, cyber exercises, or resiliency simulations, and contribute to the development and refinement of assessment methodologies, tools, and frameworks to ensure alignment with the firm's strategy and compliance with regulatory requirements


* Evaluate controls for effectiveness and impact on operational risk, as well as opportunities to automate control evaluation


* Collaborate closely with cross-functio...