Vice President - Impact Assessments

Contribute to leading-edge security and resilience efforts, advancing protective strategies and propelling continuous improvement.

As an Assessments & Exercises Vice President in Cybersecurity Technology & Controls, you will contribute significantly to enhancing the firm's cybersecurity or resiliency posture by using industry-standard assessment methodologies and techniques to proactively identify risks and vulnerabilities in people, processes, and technology.

Design and deploy risk-driven tests and simulations (or manage a highly-skilled team that does) and inform analysis to clearly outline root-causes.

In this role, you will evaluate preventative controls, incident response processes, and detection capabilities, and advise cross-functional teams on security strategy and risk management.

Job responsibilities


* Evaluate controls for effectiveness and impact on operational risk, as well as opportunities to automate control evaluation


* Collaborate closely with cross-functional teams to develop comprehensive assessment reports - including detailed findings, risk assessments, and remediation recommendations - making data-driven decisions that encourage continuous improvement


* Assess the impact of identified technology control observations on internal controls over financial reporting, ensuring timely escalation.


* Continuously monitor technology risks to ensure adherence to firm standards, regulatory requirements, and industry-leading practices.


* Develop and execute risk mitigation strategies, ensuring technology control observations are addressed through the design and implementation of effective processes and controls.


* Partner with internal control functions, internal audit, and external audit teams to support technology controls testing, as well as quarterly and annual SOX and SOC reporting programs.


* Contribute to initiatives that strengthen the management of technology risks within business processes and SOX/SOC programs by conducting ongoing process and control assessments, ensuring governance adherence, and alignment with firm standards and policies.


* Leverage artificial intelligence and monitoring tools to proactively identify, analyze, and mitigate risks by interpreting process data insights and metrics for control effectiveness.


* Lead and execute assigned technology risk assessment activities, including annual, quarterly, and ongoing reviews, walkthroughs, and oversight of control operating effectiveness.


* Develop materials and communicate impact assessment findings, recommendations, and status updates to senior leadership, business process owners, and relevant stakeholders.


* Collaborate with cross-functional teams across business and technology to design, implement, and evaluate effective technology controls, ensuring their positive impact on business processes.

Required qualifications, capabilities, and skills


* Obtain 5+ years of experience in technology risk ma...