performing security risk assessments 5+ years experience in security automation and integrating security into software development pipelines 5+ years experience working with industry frameworks and compliance requirements (NIST CSF, FFIEC CAT, CIS RAM, FAIR, PCI DSS) 2+ years experience with information technology audit or compliance management 2+ years in payment security including securing digital payments and payment cryptography 2+ years
security awareness initiatives Help maintain and update security policies, procedures, and documentation Assist with access reviews and identity management processes Support audits and compliance efforts for regulatory frameworks (NCUA, FFIEC, SOC, etc.) Required Qualifications: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience) 1+ years of experience in cybersecurity, IT security, or related technical
Security to integrate secure NHI handling into SDLC. Compliance & Audit Maintain audit trails for credential issuance, usage, and rotation events. Produce compliance reports for SOX, SOC 2, PCI DSS, FFIEC, and crypto-custody audits. Collaborate with internal audit and compliance teams to validate NHI control effectiveness. Document architecture, data flows, SOPs, and exception processes for NHI management. Innovation & Continuous Improvement
preferred. 1. Platform Architecture & Strategy • Define and maintain the ServiceNow architectural blueprint and roadmap for the bank. • Align ServiceNow implementations with banking security, risk, and compliance frameworks (e.g., SOX, FFIEC, GLBA). • Evaluate new ServiceNow products and releases for applicability to financial services use cases. 2. Solution Design & Delivery • Lead the end-to-end design & development for modules such as
key contributor in the preparation, review, and analysis of reports compiled for regulatory agencies to include the FR Y-9C, FR Y-9LP, FR Y-11, FR 2314, and FFIEC 009/009a. You will be responsible for preparing highly technical components of the reports and/or schedules and conducting detailed reviews of reports and/or schedules prepared
Onsite Requirements: 3+ years of Cyber Risk 3+ years of RCSA Job Description: Risk Control Self-Assessment Second Line of Defense Execution - Cyber Security Domain Responsibilities: NIST Cybersecurity Framework & FFIEC Information Security Handbook Alignment Program Objective - Execution of comprehensive Risk Control Self-Assessment (RCSA) programs that align organizational cybersecurity controls with NIST Cybersecurity Framework (CSF) requirements and FFIEC Information Security … Handbook guidelines, ensuring regulatory compliance and effective risk mitigation across financial services environments. Challenge and Enhance Framework Integration to NIST CSF and FFIEC Information Security Handbook Challenge and Support Enhancements to Control Framework development Control Design Documentation Remediation Planning: Develop actionable plans for control enhancement and gap closure Stakeholder Engagement & Communication Risk and Governance Reporting: Develop risk reporting and governance … Regulatory Change Management: Monitor and implement emerging regulatory requirements Documentation Standards: Maintain comprehensive audit trails and evidence repositories Expected Deliverables Comprehensive RCSA methodology documentation aligned with NIST CSF and FFIEC requirements Risk and control matrices with clear ownership and accountability structures Control testing procedures and validation frameworks Gap remediation roadmaps with prioritized implementation timelines Training materials and knowledge transfer documentation
PowerShell, Python, SQL, UiPath) to support access attestation, SoD analysis, and exception tracking. Partner with Internal Audit, Compliance, and external regulators to ensure the enterprise meets requirements for SOX, FFIEC, and other control frameworks. Serve as a subject matter expert in access governance, providing oversight on RBAC modeling, policy enforcement, and toxic access combinations. Collaborate with application owners, technology stakeholders … CyberArk and Centrify. Familiarity with data visualization tools such as Power BI, Tableau, or Splunk. Experience working in a regulated financial services environment, with a strong understanding of SOX, FFIEC, and other access-related compliance requirements is a big plus Bachelor's degree in Information Security, Computer Science, or related field or similar professional experience. Please email your resume or
management frameworks and policies, and assist business in the identification of issues. Review and maintain all program policies and standards for alignment to US regulatory expectations such as the FFIEC Guidelines. Advise and collaborate with IT and the business on appropriate ways to strengthen controls in non-compliant areas. Advise and assist first line of defense in IT & Resilience Risk … Well-developed impact and influence skills. Proven track record of building strong relationships across business functions. Extensive knowledge and experience in regulatory guidance, most importantly for the OCC and FFIEC guidelines. Strong presentation skills involving large and of varying IT & Resilience background audiences; ability to adjust message and filter details based on audience. Demonstrated ability to interact effectively, internally and