Job
Description
Shape the future of product delivery while crafting solutions that enhance and optimize customer experiences. Lead end-to-end processes, manage dependencies, and liaise with stakeholders as part of a team at the forefront of innovation. As a Lead Security Engineer within the Cybersecurity & Tech Controls team, you will play a crucial role in integrating risk management practices into our organization. This will enhance the security and compliance of our products, driving closure of risk gaps, supporting audits and assessments, and improving the efficiency of our Product Security Teams programs. Your role will require a broad understanding of technical principles, practices, and theories to develop innovative solutions. Analytical reasoning and adaptability skills will be essential to navigate ambiguity and change effectively. Your communication skills will be key to collaborating with cross-functional teams and managing stakeholder relationships to ensure alignment on project objectives and governance. By optimizing resources and managing risks, you will contribute to the successful delivery of high-impact projects that shape the future of the firm. **Job Responsibilities:** - Guide, coach, and oversee the creation and modification of control procedures (CPs) without starting from scratch. - Engage with Product Security Leads (PSLs) to ensure adherence to the Global Technology Policies & Controls (GTPC) process, developing high-quality controls for Products. - Assist in standardizing language, wording, and measurement for consistency across controls, ensuring maintenance, regular review, and proper re-certification of controls. - Understand the applicable control procedures during planning and building stages of products, coaching teams on identifying relevant controls. - Integrate effectively with Audit, assisting in Request for Information (RFI) reviews, facilitating communication with the audit team, and clarifying the audit scope. - Focus on "Compliance from the Start," providing valuable advice on improving the Risk Assessment Structure (RAS), mapping risks to control procedures (CPs), and addressing Control and Operational Risk Evaluation (CORE) issues. - Utilize strong communication skills to validate controls and ensure their effectiveness. **Required Qualifications, Capabilities, and Skills:** - Formal training or certification in Product delivery management concepts and 5+ years of applied experience. - Expertise in technology risk management, information security, or related fields, with a focus on risk identification, assessment, and mitigation. - Proficiency in risk management frameworks, industry standards, and regulatory requirements specific to the financial industry. - Strong critical thinking skills. - Excellent written and verbal communication abilities. - Proficient knowledge in data security, risk assessment and reporting, control evaluation, design, and governance. - Proven track record of implementing effective risk mitigation strategies. **Preferred Qualifications, Capabilities, and Skills:** - Knowledge of the product development life cycle, design, and data analytics.,
