Network & Cloud Products, Risk and Controls Lead

Fiserv • Full-time • Berkeley Heights, New Jersey, United States • 1m ago

About your role:
A Network and Cloud Products, Risk and Controls Lead is a management role focused on identifying, assessing, and mitigating risks associated with cloud and network technologies within Fiserv. This role involves developing and implementing risk management strategies, ensuring compliance with relevant regulations, and collaborating with various stakeholders to maintain a strong security posture. You will leverage experience in business and technical acumen environment to direct the program activities in the areas of audit, technology, compliance, risk management and security. In this role you will lead a team of five Network Security subject matter experts while ensuring implementation of industry standard frameworks for technology, such as COBIT, ISO, NIST, SANS, and others.

What you’ll do:

Manage and implement Governance, Risk and Control frameworks, and systems for technology and information security.
Manage the implementation of the components of the Information Technology Risk Program to include external compliance, internal audit, security, vendor management, operational risk, quality assurance and quality controls for technology and information security.
Demonstrate your team’s ability to execute and review audits of general IT controls including related infrastructure (Active Directory), operating systems (UNIX, Linux, Windows), databases (Oracle DB and MS SQL DB), and applications (Oracle, PeopleSoft, Salesforce, etc.).
Manage the development of guidelines & standards, and training on Risk Management practices and procedures appropriate for Fiserv’s needs to ensure that risk responsibilities are understood and carried out throughout the enterprise.
Manage technology process improvement projects, and transformational initiatives to improve IT risk and control profile.
Supervises the first line of defense Risk Management functions for IT meeting the Enterprise Risk Management (ERM) program elements, processes, and compliance requirements. Manage the Risk Controls Self-Assessment process for Information Technology and Information Security.
Ensures compliance with applicable federal, state, and local laws and regulations while maintaining knowledge of and adhering to Fiserv’s internal compliance policies and procedures.
Take responsibility to keep up to date with changing regulations and policies.

Experience you’ll need to have:

10+ years of previous experience working in Information Security or Information Technology in an enterprise network environment.
6+ years of SOX IT control execution or testing or IT auditing experience or IT risk.
5+ years of leadership experience and developing a team.
2+ years leading Risk and Control Self Assessments for technology or information security.
US citizenship for acquiring security clearances required to support high security government systems.
Bachelor's degree in a related field or an equivalent combination of education, military, and work experience.

Experience that would be great to have:

Certified Information Systems Security Professional (CISSP), Certified Information Security Manager, (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) preferred.
Understanding of cloud computing platforms (e.g., AWS, Azure, GCP), network architectures, security protocols, and best practices.
Security, risk, and audit specialized training highly recommended.

Important info about this role:

All offers of employment are contingent on standard background checks. Fiserv and certain of its affiliated companies are federal, state and/or local government contractors. Should this position support a Federal Government contract, now or in the future, the successful candidate will be subject to a background check conducted by the U.S. Government to determine eligibility and suitability for federal contract employment for public trust or sensitive positions. Positions that support state and/or local contracts also may require additional background checks to determine eligibility and suitability.

How you’ll work:

This role requires being on-call during non-standard and/or overnight hours on a rotational basis.
This role requires use of a computer and audio equipment.

#NetworkSecurity

#cism

#cissp

#crisc

#LI-CD1

R-10361421