Cybersecurity, Sr. Consultant - Regulatory, Audit, & Compliance

About the position Responsibilities

• Oversee and manage audits, compliance, and regulatory activities related to Cybersecurity, including FBA/FFIEC, Bank of England, other regulators, GLBA, SSAE16/ISAE3402, SOC 2, PCI-DSS, Sarbanes-Oxley (SOX), internal audits, ISO, NIST, COSO, COBIT, and customer/client inquiries.
• Collaborate with various functions such as corporate compliance, internal audit, enterprise risk management, regulatory risk, and technical teams to facilitate audit, regulatory, and compliance practices for information security.
• Promote proactive readiness activities and enhance information security based internal controls to support future reviews.
• Leverage Artificial Intelligence tools or other automation tools to improve efficiency and productivity in audit and compliance processes.
• Develop comprehensive risk management reports, including dashboards, metrics, and executive summaries.
• Advise Cybersecurity leadership on the status of technology risk and compliance issues, based on assessment results and information from various monitoring and control systems.

Requirements

• 8+ years of relevant work experience with a Bachelor's Degree or at least 5 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 2 years of work experience with a PhD, OR 11+ years of relevant work experience.
• 9 or more years of relevant work experience with a Bachelor Degree or 7 or more relevant years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 3 or more years of experience with a PhD.
• Bachelor's degree in Computer Science, Information Systems, Management Information Systems, or Business Administration or another related field.
• 8-10 years of leadership experience in Information Security, Audit, Risk, and/or Compliance.
• 6+ years direct participation and experience across common industry security policy areas, including PCI-DSS, ISO, NIST, COSO, COBIT, FFIEC, SOX, SSAE16/ISAE3402, SOC 2 and others.
• Proven experience collaborating with multiple stakeholders on both internal and external delivery and communication initiatives.
• Ability to synthesize diverse data points, solve problems, and develop comprehensive and effective execution and risk mitigation plans.
• Strong executive presence and exceptional communication skills, with experience in audit, compliance, regulatory discussions, and proactive readiness activities with internal partners and external clients.
• Capability to influence beyond the immediate team and engage with more experienced or senior individuals.
• Must be highly flexible and able to manage multiple tasks and priorities under tight deadlines.
• Data Analysis skills using arenaflex Excel, SQL, or other scripting languages.
• Broad and deep experience across PCI standards (DSS, PIN, P2PE, Token etc.) with the ability to apply the standards with confidence across different organizational contexts.
• Previous experience in implementing or managing Governance, Risk, and Compliance (GRC) tools, as well as developing dashboards and creating tools to automate tasks in order to enhance efficiency.
• CISSP, CISA, CISM, CEH, PCI QSA/ISA Certifications preferred. Nice-to-haves
• Advanced Degree (e.g., Masters, MBA) in related field.

Benefits

• Medical
• Dental
• Vision
• 401 (k)
• FSA/HSA
• Life Insurance
• Paid Time Off
• Wellness Program Apply tot his job Apply tot his job Apply tot his job

Apply tot his job Apply To this Job