Cloud Risk and Security
at Synechron
Remote, Scotland, United Kingdom -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 08 Aug, 2024 | Not Specified | 09 May, 2024 | 7 year(s) or above | Iso,Sql,Snowflake,Communication Skills,Strategy,Mitigation,Azure,Storage,Nist,Product Management,Google Cloud Platform,Cobit,Data Services,Itil,Regulated Industry,Cgeit,Cissp,Amazon Web Services,Cisa,Technology Risk,Interpersonal Skills | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
We’re Synechron, a global consultancy Laser-focused on accelerating digital initiatives in financial services with over 14,500 members of staff across 19 countries and a unique mix of end-to-end digital, business and technology services, we help clients solve complex challenges with modern and innovative solutions.
Our clients come to us with problems that need genuine thought, intelligence and knowledge; we’re not just putting bodies on seats.
We are seeking a Cloud Risk and Security! This will be
RESOURCE PREFERRED QUALIFICATIONS:
- Experience working directly with regulators of the financial industry in Asia regionally, or Singapore locally.
- Risk certifications such as the CIA, CISSP, CISA, CRISC, CGEIT, CDPSE, etc.
- Certifications in Public Cloud such as AWS Certified Cloud Practitioner, or AWS Certified Security Specialty
- Experience working with NIST, COBIT, ITIL, CSA, and/or ISO risk and ITSM frameworks
- Experience in an influence management discipline such as project management or product management
- Familiarity with DevOps and SRE practices
- Experience with cloud infrastructure and data services (compute, storage, networking and others)
Resource Basic Qualifications:
- Undergraduate degree in related field or equivalent experience
- 7+ years relevant work experience in Technology Risk & Controls in a large organization in a heavily regulated industry
- 3+ years relevant work experience in Public Cloud Technology (Amazon Web Services, Google Cloud Platform, Snowflake, MongoDB Atlas, Azure, etc.)
- MS Excel required. MS Access, SQL a plus.
- Consistent, clear, and concise written communication skills
- Ability to explain concepts consistently to stakeholders, including non-technical audiences
- Ability to firmly communicate the requirements and position of Policy that must be satisfied
- Ability to see the big picture with high attention to critical details
- Demonstrated ability to develop and implement strategy and process improvement initiatives
- Demonstrated ability to influence change and common-sense approaches to modern risk complexity
- Demonstrable interest in Public Cloud risk identification and mitigation
- Strong collaboration and interpersonal skill
Responsibilities:
- Identify risk, assess residual risk, and coordinate Corrective Action Plan (CAP) completion through collaboration with information security and engineering teams
- Negotiate with IA (Internal Audit; Third Line of Defense) and ORM (Operational Risk Management; Second Line of Defense), and with Policy Owners when more cloud-friendly policy changes need to be influenced
- Advise engineers on application of Policy across multiple concurrent technology domains such as
compute, container, DB, middleware, etc.
- Research origins of Policy in Regulations collaboratively with ICRM (Independent Compliance Risk Management)
- Engage with and lead advocacy efforts with regulators in Asia and EMEA on Public Cloud in partnership with Government Affairs and Regulatory Engagement teams.
- Design processes for building and maintaining services in Public Cloud with control in mind
- Maintain continual assessment of Management Controls Assessment (MCA) Efficacy for Public Cloud
- Monitor exceptions to dispute policy and identify common root causes of exceptions.
- Leverage data to examine impacts to Customer Experience and Regulatory breaks.
- Appropriately assess risk and demonstrate consideration for the firm’s reputation and safeguard Citigroup, its clients, and assets, by:
- Driving compliance with applicable laws, rules and regulations
- Adhering to Policy
- Applying sound ethical judgment regarding personal behavior, conduct and business practices
- Escalating, managing, and reporting control issues with transparency
- Influence Application Teams on best practices for MCA
Resource Basic Qualifications:
- Undergraduate degree in related field or equivalent experience
- 7+ years relevant work experience in Technology Risk & Controls in a large organization in a heavily regulated industry
- 3+ years relevant work experience in Public Cloud Technology (Amazon Web Services, Google Cloud Platform, Snowflake, MongoDB Atlas, Azure, etc.)
- MS Excel required. MS Access, SQL a plus.
- Consistent, clear, and concise written communication skills
- Ability to explain concepts consistently to stakeholders, including non-technical audiences
- Ability to firmly communicate the requirements and position of Policy that must be satisfied
- Ability to see the big picture with high attention to critical details
- Demonstrated ability to develop and implement strategy and process improvement initiatives
- Demonstrated ability to influence change and common-sense approaches to modern risk complexity
- Demonstrable interest in Public Cloud risk identification and mitigation
- Strong collaboration and interpersonal skills
REQUIREMENT SUMMARY
Min:7.0Max:12.0 year(s)
Information Technology/IT
IT Software - Other
Software Engineering
Graduate
Proficient
1
Remote, United Kingdom