Audit Senior (Cybersecurity) BNYMellon is seeking a highly motivated professional to join its CyberSecurityAudit team. The successful candidate will work in a technically diverse and dynamic environment with a team ofTechnologyAuditSecurity professionalsresponsible forauditing all aspects of the organization’scybersecurity activities. The successful candidate will be involved in multiple aspects of thecybersecurityaudit program. The individual works closely with anAudit project leader and/oraudit management,otherauditors and theauditees (the client) on each project. Additionally the individual would work closely with clients and must be able to explain theaudit process (if appropriate) and any findings or results. This requires both good oral and written communications skills and an ability to be sensitive to the needs of clients and team members. Must be able to keep sensitive information confidential and know how to use appropriately. Key Roles &Responsibilities of this position include, but are not limited to: · Assess incident response team actions and procedures. · Supportinvestigations and research for possible computersecurity related incidents. · Performinternalaudits to validate the effectiveness ofcybersecurity controls · Conduct application,network, and operating systemsecurity assessments. · Assesssecurity monitoring of clients, servers, applications, andnetworkinfrastructure activities. · Conduct log analysis to identify suspicious or malicious activity and anomalous behavior. · Representcybersecurity on cross-functional IT project teams. · Supportsecurity projects that implementinfrastructure, applications or systems solutions ensuring timely delivery of functional, technical andsecurity requirements. · Support the analysis, design, functional review and interpretation of requirements ofsecurity related hardware and software. · Support theauditing ofsecurity policy and procedure which safeguardinfrastructure, systems, files and data. · Assess Vulnerability Management programs · SupportThreat Intelligence activities · Understand Data Protectionrisks and strategies · PerformNetwork Penetration testing. · Effective Stakeholder Management · Knowledge of key regulations and industry standards such asISO 27001&2, NIST SP800-53, NIST CybersecurityFramework, NYDFS etc
College degree or equivalent. 4 year degree in technology field or finance; other subjects may be applicable to specialties / Military experience preferred. Minimum experience: 4-6 years relevant experience.
Internal Jobcode: 33380
Organization: Audit Technology-HR07992
Requisition Number: 1713041