Executing and leading Application Security/Product Security assessments, identifying issues that need appropriate risk treatment, and reporting them to the senior ATS stakeholders.
Partnering with RATE (Risk Assessment Testing and Enforcement) leadership to help them recommend and enforce approved Technology Standards for use across the enterprise.
Suggesting ways to enhance the review process for better effectiveness and efficiency.
Supporting the development/enhancement of processes and tooling that help better identify, record, and address information security risks.
Ability to interpret and act on assigned tasks
Ability to review the activity/tasks completed by other assessors for quality.
Requirements
13+ years minimum experience in Cyber Security, Cyber Risk management / risk consulting, application/product security, software security and vulnerabilities.
Good understanding of various third-party risk management frameworks and standards.
Knowledge of OWASP Top 10 and Network Security
Experience in IT General Controls (ITGC) and IT Application Controls (ITAC) testing and evaluation
Familiarity with cloud security controls and best practices
Experience and understanding of AI/ML working principles, including control testing and related risks
Experience in leading project automation activities
Good exposure to regulatory requirements in other industries.
Proven program management and project automation skills.
Understanding of Cyber Security Risk Management processes
Familiarity with GDPR, ISO 27001, SOC 2, and related standards/frameworks and compliance requirements
Certified Ethical Hacker (CEH) certification or equivalent skills
Knowledge of vulnerabilities, threat identification, and remediation; ability to understand and analyze penetration test (Pentest) reports
Working knowledge of PCI-DSS compliance and control requirements.