Application Security Risk Lead

Join to apply for the Application Security Risk Lead role at CFOTech IT Global Services

At CFO Tech, we're looking for an Application Security Risk Lead to join the team of a major client.

Overview

Risk Lead ensure that risk assessment outcomes are effectively communicated to application team members. They support ideation activities, facilitate meetings, and gather information from various teams. In addition to their managerial duties, Risk Managers also take on the responsibilities of Risk Reviewers. This includes reviewing tickets for inconsistencies, managing ERV calls, and collaborating with Risk Reviewers to define the ticket review approach. They maintain a dashboard of ticket statuses, report on ticket status and metrics, and act on pending items in a timely manner. Risk Managers assist in creating issues and mitigation plans, track ticket progress, and manage interactions with other NIS teams. They are responsible for presenting problems as opportunities and knowing when to escalate issues to senior management.

Responsibilities

• Review tickets for inconsistencies, talking points, in advance of ERV calls with customers
• Validate tickets, associated tasks and SDD information
• Manage and run ERV calls
• Work with Risk Reviewer to understand questionable items and define approach to ticket review
• Review previous tickets, including upstream and downstream relationships and for other firms and their results in relationship to other tickets; discuss inconsistencies with the Risk Reviewer
• Maintain a dashboard of ticket status and be ready to report on status of any ticket and general metrics upon request
• Review and action pending items/responses in a timely manner
• Participate in team calls and ideation exercises
• Be able to communicate with seniors and stakeholders
• Review related CRS and SRT tasks and manage calls upon request or when the Customer does not understand the record documentation
• Assist with creation of Issues and/or Mitigation Plans for Issues
• Track progress of the ticket through the Issue Mgmt. Stage and manage interactions with ancillary NIS teams: Global Workspace; m365; Third Party Risk Mgmt.; Splunk; Business Continuity; Mobile Application Mgmt.; BISO/CISO teams
• Know when and how to escalate to senior management

Mandatory Skills

• Customer service skills to create an exceptional customer experience
• Strong organizational and time management skills to support multiple concurrent reviews
• Self- Awareness
• Quick Learner (ability to integrate training and coaching received into action)
• Asks questions to deepen their understanding of our processes, the business, and solutions
• Knowledge of the Information Security Policy, Application Readiness Standard, & Applicable Supporting Standards
• Understand the purpose of Application Readiness process
• Ability to interact with customers, and ensure customers understand what actions they need to take
• Ability to assess whether a control is met or nmet (black and white)
• Ability to review documentation analytically and assess control compliance based on information/documentation provided
• Ability to evaluate complex data and determine whether data can be used to support the reviews being conducted
• Ability to pull facts and details related to controls from different types of documentation and diagrams submitted
• Interface with customers to ask clarifying questions, prompt for responses to open items, provide guidance on next steps, schedule meetings
• Interface with AR Risk Manager(s) and AppSec Architects to provide status, raise flags/concerns related to IT Security Risk
• Document work in the SNOW AR Ticket
• Strong English written and verbal skills

Key Skills

• Strong communication and organizational skills
• Ability to manage multiple projects and teams
• Problem-solving skills and strategic thinking
• Knowledge of information security policies and application readiness standards
• Year Of Experience: 3 - 10 years in a relevant role

Certifications

• Desirable: CISSP / CISM / CISA / CCSK / CCSP / CRISC

Year Of Experience

3 - 10 years of experience in a relevant role

Modalidad De Trabajo

• 100% remoto

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Information Technology
• Industries: Computer and Network Security

Referrals increase your chances of interviewing at CFOTech IT Global Services by 2x

#J-18808-Ljbffr

---