The Technology Risk Management (TRM) team is the second line of defense for the Information Security Risk function within Credit Suisse to deliver effective IT Risk governance and management. The team owns the Information Security Policies, application and infrastructure control assessments, IT Risk Governance, Emerging threats and the controls framework to protect CS information.
This role offers significant exposure to the Credit Suisse Information Security Policies and Standards, Infrastructure and Application Assessments, the CS controls framework, Key Risk Indicators, metrics, and control assurance as they relate to protecting Credit Suisse information.
Lead, conduct, and/or coordinate risk and security assessment and risk opinion engagements, in the areas of IT: Investment Banking, Corporate Systems, Private banking or Technology Services in the Americas.
Interface with the key IT clients in the region ensuring adequate IT risk coverage.
Serve as a contact point in relation to IT risk matters affecting the region (based on assigned department)
Evaluate controls against firm Information Security Standards
Deliver in a fast moving and changing environment to deliver to the IT Risk and IT Americas strategy.
Interface with clients to collect information as required for assessments, concepts and reporting requirements.
Work with IT & the business on controls to be implemented to ensure a secure, controlled and manageable risk environment.
Manage the client's risk register, including reporting and follow-up.
Assure that the client is being kept updated on any new IT risk management developments, such as new methodologies, policies, tools and/or services.
Communicate IT risk requirements and best practices to staff, consultants and vendors via presentations, training programs, memos, websites, and other relevant media
Credit Suisse is an Equal Opportunity Employer and does not discriminate in its employment decisions on the basis of any protected category.
- Experience with Technology Risk Management, Information Security, IT control assurance in a central or business aligned support/control/audit functions
- Advanced Microsoft Excel skills with experience in data analytics, metrics, KRIs
- Advanced Microsoft PowerPoint skills with a Management Consulting background
- Understanding of the Financial Services industry and associated regulatory environment
- Drive to deliver independently to high quality standards, drive to learn
- Excellent analytical and problem solution skills
- Excellent written and verbal communication skills
- Excellent presentation skills
- Excellent team and inter-personal skills
- Experience with development and administration of risk assessments and reviews
- Experience with audit processes and disciplines
- Experience with, more than one major IT discipline (e.g., distributed computing, networks, financial applications design and development, IT security and business recovery)
- At least 2 years in an IT risk and security function in the Investment Banking industry, internal control, legal, compliance functions, regulatory disciplines or audit processes, or IT infrastructure, applications development, and controls related disciplines
- Experience with IT risk standards and industry best practice approaches, such as ISF Standard of Good Practice, ISO 17799, CoBIT, COSO, ITIL, etc
- Information Security or Privacy Related Certifications
To the extent permitted or required by applicable law, a candidate who is offered employment will be subject to a criminal record check and other background checks.
Credit Suisse (USA) is one of the top US investment banks, offering advisory services on mergers and acquisitions, raising capital,...