Cybersecurity Risk Treatment Manager

Fiserv - Berkeley Township, NJ

posted 20 days ago

Full-time - Mid Level
Berkeley Township, NJ
10,001+ employees
Professional, Scientific, and Technical Services

About the position

The Cybersecurity Risk Treatment Manager at Fiserv plays a crucial role in assessing and managing cybersecurity and technology risks. This position involves collaborating with various teams to evaluate risk treatment approaches, ensuring compliance with established frameworks and policies, and maintaining accurate documentation of risks. The manager will focus on enhancing security measures across internal and business-controlled areas, while also supporting governance processes related to risk treatment activities.

Responsibilities

  • Serve on a distributed risk team responsible for reviewing and documenting security and technology controls through risk treatment.
  • Recommend risk reduction steps to be implemented and maintained through policies, procedures, frameworks, and technical controls.
  • Work closely with risk management and security leadership to evaluate and recommend remediation approaches aligning with organizational risk posture.
  • Identify strengths and weaknesses in technology and cybersecurity programs related to privacy, security, business resiliency, and compliance frameworks.
  • Support risk treatment governance through the development of processes to monitor quality, timeliness, and accuracy of risk treatment activities.
  • Maintain oversight of risks in a GRC-related platform and analyze workflows, design documents, and procedures to identify gaps in risk posture.
  • Create and present risk treatment and recommendation reports to risk management leadership.
  • Monitor plans of action and milestones for risk remediation requirements from internal and external security assessments.

Requirements

  • 8+ years' experience in risk management.
  • 5+ years' experience supporting internal audit or controls testing functions.
  • 5+ years' administration experience with IT general controls, cybersecurity pillars, third-party risk management, and business resiliency.
  • 3+ years' experience in regulatory requirements and laws such as PCI, FFIEC, Sarbanes-Oxley Act (SOX), HIPAA, GDPR, and GLBA.
  • 3 years' experience in vulnerability and configuration management.
  • 2+ years' experience in service design, delivery concepts, and control frameworks.
  • Experience in one or more of ISO 17799, ITIL, and NIST.
  • Bachelor's degree in computer science, IT security, or a related field, or an equivalent combination of education, work, and military experience.

Nice-to-haves

  • Certifications in one or more of the following: CIA, CRISC, CISSP, CISA, CGEIT, GCCC, GSEC and GISP.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service