Cybersecurity Risk & Compliance Assessment Lead

Join our team to play a pivotal role in mitigating tech risks and upholding operational excellence driving innovation in risk management.

As a Cybersecurity Risk & Compliance Assessment Lead in Cybersecurity Technology & Controls you will be responsible for evaluating delivery quality and integrity across a range of Global Technology Control Assessments (GTCA) including SOX SOC PCI FedRAMP and other regulatory frameworks. This function is designed to mitigate risks drive continuous improvement and enhance stakeholder confidence in the assessment process. You will also provide subject matter expertise and technical guidance to technology-aligned process owners ensuring that implemented controls are operating effectively and in compliance with regulatory legal and industry standards. By partnering with various stakeholders including Product Owners Business Control Managers and Regulatorsyou will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Your advanced knowledge of risk management principles practices and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape.

You will have the unique opportunity to help define and implement best-in-class assessment methodologies and practices. Ideal candidates will have hands-on experience executing end-to-end control reviews and assurance engagements with a strong track record of delivering high-quality evidence-based assessments in complex environments. This role is suited for professionals with significant experience in audit risk or compliance who are looking to make a strategic impact through leadership and innovation.

Job Responsibilities

• Lead and execute comprehensive independent evaluations of control and compliance assessments across all phasesplanning execution and reportingensuring accuracy reliability consistency and compliance throughout.
• Operate independently to document assessment results with clear workpapers findings improvement opportunities and remediation actions.
• Oversee and perform testing of GTCA controls and processes ensuring assessments are based on verified evidence and aligned with assessment methodologies and practices to address all relevant regulatory requirements risks and controls.
• Present review progress key insights and strategic recommendations to senior leadership and governance committees.
• Proactively identify manage and mitigate delivery risks by addressing potential obstacles and implementing contingency strategies to sustain program momentum.
• Foster a culture of continuous improvement and operational excellence providing training and driving innovation in methodologies and processes.
• Leverage your expertise in assurance and review methodologies to ensure methodological rigor consistent application of standards and thorough review and validation of deliverables.
• Review assessments and reports to validate they are completed on schedule based on verified data and address relevant regulatory requirements risks and controls.
• Evaluate ongoing improvements to processes and tools and verify that team members are well-trained and knowledgeable about current regulations and assessment practices.
• Ensure assessments are objective transparent and ethically conducted maintaining confidentiality and data privacy and compliance with all relevant laws regulations and internal policies.

Required Qualifications Capabilities and Skills

• 7 years of experience in IT risk audit compliance or control assessment including at least 3 years of internal or external audit experience leading reviews and managing stakeholders in large financial institutions.
• Proven ability to lead projects and teams manage multiple assessment reviews and collaborate effectively across functions in complex environments.
• Exceptional written and verbal communication skills with the ability to translate complex technical and regulatory information into clear actionable messaging for diverse audiences including senior leaders stakeholders and clients.
• Detail-oriented with strong documentation skills and a demonstrated ability to learn and apply new concepts quickly.
• Skilled in critical thinking root cause analysis and structured problem-solving to drive continuous improvement.
• Ability to ensure decisions or constraints affecting program delivery are effectively escalated and addressed in a timely manner.
• Strong background in information security IT General Controls risk and control frameworks and regulatory compliance including hands-on experience with SOX SOC PCI and regulatory technology assessments.
• Growth mindset with the ability to drive strategy and execute at scale.

Preferred Qualifications Capabilities and Skills

• CISA CIA CPA CISSP or similar industry-recognized risk and risk certifications are preferred.

#CTC