Information Security Risk & Regulatory Governance, VP
Credit Suisse is a leading global wealth manager with strong investment banking capabilities. Headquartered in Zurich, Switzerland, we have a global reach with operations in about 50 countries and employ more than 45,000 people from over 150 different nations. Embodying entrepreneurial spirit, Credit Suisse delivers holistic financial solutions to our clients, including innovative products and specially tailored advice. Striving for quality and excellence in our work, we recognize and reward extraordinary performance among our employees, provide wide-ranging training and development opportunities, and benefit from a diverse range of perspectives to create value for our clients, shareholders and communities. We are Credit Suisse. We Offer
A department which values Diversity and Inclusion (D&I) and is committed to realizing the firm's D&I ambition which is an integral part of our global Conduct and Ethics Standards
A great opportunity to join Credit Suisse's Chief Information Security Officer (CISO) Team, based in NYC, as a Governance, Reporting and Data Analytics Officer, covering Americas and key global divisions. You will support and drive a variety of initiatives and programs in the area of cyber and information security governance. The role involves:
- Development and implementation of strategies, policies and control frameworks that manage risk arising from the use of information systems during the execution of business functions and divisions from a global and Americas region perspective
- Influencing the development of cybersecurity regulations and standard methodologies by leading sector engagement efforts and liaising with government, academia, peer banks, and trade associations while working with internal parties to represent the organization's interests
- Developing group level regulatory reporting initiatives, including global coordination across multiple countries
- Exposure to senior management through the preparation and presentation of data analytical and reporting products related to cyber and information security risks.
- Demonstrating compliance to laws, regulations and industry standards that govern cybersecurity through the application of standards and the best methodologies including NIST, FFIEC, COBIT, ITIL and ISO
- Driving cyber resilience maturity by preparing incident response plans and facilitating cybersecurity simulations with global and regional partners
- Developing reporting on a periodic basis regarding the status of the information security program to Credit Suisse's Board, CIO's or other responsible individuals or committees
- A chance to build and manage cybersecurity training courses
- Excellent career development/growth equal opportunities within the global CISO organization and CS in general.
- Understands the value of diversity in the workplace and is dedicated to fostering an inclusive culture in all aspects of working life so that people from all backgrounds receive equal treatment, realize their full potential and can bring their full, authentic selves to work. This should be further elaborated on in your application.
- Experience working in an information or cyber security (or similar) function, risk management, data analysis, critical infrastructure protection and/or advisory services
- Experience of working with external affairs to develop positive relationships with regulators and other government officials responsible for information, privacy and data security issues
- Experience in establishing repeatable processes related to the creation and production of governance reports and data artifacts, as well as establishing processes for due diligence and gap analysis for new or emerging regulations
- Experience in visualizing data (Excel, Tableau) and crafting data driven storyboards and executive views
- Experience with querying and data (Excel, SQL) from necessary source systems and conducting analysis in order to create insights and prepare reports with minimal supervision
- Detailed understanding of designing and implementing governance solutions within a divisional context that can be scaled up to the global level
- Subject matter specialist in NIST Cybersecurity Framework and NIST 800 series documents and other such related frameworks: COBIT/ITIL/ISO
- Outstanding written and verbal communication skills for senior management and top executive audience. Excellent problem solving, interpersonal and analytical skills are desired
- Track record of performing with a high level of independence while adapting to the demands of process and compliance
- Hardworking, result oriented, ability to function within a multidisciplinary team with a strong curiosity for extracting knowledge from data and the skill to elicit technical requirements from a non-technical audience
- Experience in developing curriculum, training programs, courses, seminars, and exercises that cover cybersecurity
- Secret level security clearance and experience in the public sector, understanding of US government entities and Sector engagement are a plus!
- Professional certifications in information/cyber security (e.g. CISSP/CISA/CISM) is a plus!
Credit Suisse is an equal opportunity employer. Welcoming diversity gives us a competitive advantage in the global marketplace and drives our success. Credit Suisse complies with applicable federal, state, and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Subject to applicable law and regulatory requirements, Credit Suisse complies with state and local laws regarding considering for employment qualified individuals with criminal histories.