SSUSA Job #756: Director, IT Risk Assessment

Job Description


Director, IT Risk Assessment

Our financial client in New Jersey is seeking an experienced Director of IT Risk Assessment with at least 10+ years of IT security risk assessment experience.


·       Contribute to the security strategy of the firm, including planning, execution and continuous improvement

·       Lead internal and leverage external resources to operate and enhance the firm's information security risk assessment program while being a performance manager for a team of employees

·       Provide oversight of the information security risk assessments of high-profile, large-impact, technology-enabled projects (e.g. firm acquisitions, strategic growth initiatives); provide technical security expertise to the development teams, including vendor reviews, security requirement definition, facilitation of security testing and management of residual risk

·       Serve as the security expert across security architecture functional areas: credential management, access provisioning, authentication and authorization, application security, infrastructure security, data security, security monitoring and operation security; serve as the escalation point for the risk assessment team on outstanding security risks

·       Interact with various departments, business partners and other senior members of the firm to advise and assist with compensating control alternatives where security requirements cannot be met; provide oversight and function as a point of contact between IT project teams and the IT Security group to ensure that appropriate security resources are scheduled and that security-related project objectives and timelines are met

·       Liaise with IT and other representatives of assigned business functions to ensure that project pipelines are understood and that project priorities are reflected in IT Risk & Security's resource planning


·       A minimum of ten years of progressive IT security experience in performing IT security risk assessments

·       Bachelor's degree from an accredited college/university; Master's degree from an accredited college/university is preferred; CISSP certification; CISM, CISA, CRISC, CIPP, CGEIT or ITIL certification is preferred

·       Experience with security related regulatory requirements, such as NIST, ISO 27001, Cloud Alliance, HIPAA compliance

·       Excellent verbal/written communication, collaboration, analytical and presentation skills to lead an environment driven by customer service and teamwork

·       Ability to facilitate communications to business stakeholders and interact with all levels of management

·       Ability to work in a highly collaborative environment, be comfortable with ambiguity, and negotiate complex cyber issues that may arise





Job Location
New Jersey

Position Type