What are the responsibilities and job description for the Risk & Controls Assessment & Testing Specialist position at Lighthouse Technology Services?
*Hybrid Contract Opportunity*
Lighthouse Technology Services is partnering with our client to fill their Technology Controls Assessment & Testing Specialist (Cyber) position! This is a 6-month contract opportunity with potential to extend or hire, and will be hybrid in Buffalo, NY. The person in this role will be a W2 employee of Lighthouse Technology Services during the contract period.
What You'll Be Doing:
- Lead risk analysis for complex initiatives, influencing overarching risk frameworks and providing advanced guidance to leadership for informed decision-making aligned with organizational imperatives.
- Develop and implement strategic approaches for in-depth risk assessments covering all technology capabilities.
- Develop and execute sophisticated risk management frameworks and programs, ensuring alignment with business objectives and regulatory requirements.
- Drive enforcement of frameworks, providing expert guidance and continually assessing regulations and standards to achieve industry-leading technology risk compliance.
- Collaborate with cross-functional teams and senior or executive leadership to align technology practices with business goals and regulatory requirements.
- Maintain productive relationships with stakeholders and third-party engagements to ensure the resiliency of Technology, Cybersecurity, and overall banking operations.
- Coordinate preparation and response to regulatory engagements, including reviewing responses for accuracy, meeting regulatory requests, and organizing relevant documents.
- Encourage innovation in risk management strategies by identifying advanced methodologies to address evolving threats and recommending implementation paths.
- Provide advanced mentorship to mid-level analysts, fostering their professional growth and maintaining high standards within the risk analyst team.
- Contribute to the design and delivery of training programs to enhance knowledge of technology and cybersecurity risk management.
- Ensure compliance with company risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite.
- Promote an inclusive environment that supports diversity and aligns with the company's brand values.
- Maintain internal control standards, including the timely resolution of audit and regulatory issues.
What You'll Need to Have:
- Bachelor's degree and a minimum of 7 years of relevant work experience, or in lieu of a degree, a combined minimum of 11 years of higher education and/or work experience.
- Demonstrated expert knowledge of Technology and/or Cybersecurity risk principles.
- Minimum of 6 years of relevant work experience in Technology, Cybersecurity risk, and/or business unit operations.
- Previous experience with NIST (National Institute of Standards and Technology) or Cybersecurity frameworks, with a strong focus on NIST 800-53 and 800-53a.
- Strong knowledge of cybersecurity principles and industry best practices related to confidentiality, integrity, and availability.
- Proven knowledge of information technology security principles and implementation methods (e.g., firewalls, encryption, Active Directory, SAML).
- Skilled in evaluating security controls based on confidentiality, integrity, and availability requirements of systems.
- Experience handling multiple projects while meeting strict deadlines.
- Experience overseeing project tasks for less experienced team members.
Preferred Experience:
- Master’s degree in Information Technology, Computer Science, Cybersecurity, Law, Business Administration, or related field.
- Active certifications such as CISA, CAP, CISSP, CISM, or CRISC.
- Working knowledge of NIST SP800-53 and 800-53a Controls or other recognized control frameworks (e.g., COBIT, ISO).
- Familiarity with risk tolerance and risk management approaches.
- Experience in project management methodologies.
- Strong understanding of security technologies and architecture, including encryption, cloud network security design, role-based access control, and application security.
- Knowledge of emerging Cybersecurity threats and security issues.
- Experience conducting security control testing and IT audits.
Pay Range: $70-$85/hr
Questions about any of our jobs? Email us at recruiting@lhtservices.com
View all of our open jobs here: jobs.lhtservices.com