Please contact your Administrator to change your authorization settings.
- Bachelor's degree in business or technology related field
- 7 years of experience in Risk Management, Information Security and Information Technology and/or Analytics
- 3 years of experience working with big data programming environments, competency in major analytics software packages and programming environments (e.g. Hadoop, Data bricks, Pyspark, Python, R, Java, etc.) and ability to build the systems from scratch
- Ability to demonstrate expertise in Pandas, NumPy and major packages used in data engineering
- 5-7 years of experience working with Robotic Process Automation (RPA) platforms and automation tools. Ability to configure new RPA processes and objects using core workflow principles that are maintainable, easy to understand, and efficient with architecture that is extensible and scalable to drive business outcomes using Robotics technologies such as UiPath, Automation Anywhere, Blue Prism, etc.
- 7+ years of experience delivering or supporting information systems using extract, translate, load (ETL) and publishing methods with hands on experience scheduling cron jobs to run automated reports on batch mode and pushing the reports to real time mode
- 7+ years of experience working with database technologies, including Oracle, SQL / NoSQL platforms, and visualization applications such as QlikView or Tableau
- Experience using scripting languages such as Python, Ruby, or JavaScript, and comfortable with REST API best practices and usage
- Ability to analyze data from various sources to identify trends, recommendations and key insights
- Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) or other similar credentials strongly preferred
- Knowledge of common information security management frameworks and past participation in both initial certification and renewal of one or more of: ISO/IEC 27001, SOC 2/SSAE 16, PCI DSS, etc. is desired
- Subject matter expertise or in-depth experience of operating/securing in at least one of the following: network security, identity and access management, vulnerability management, cloud security, penetration testing or encryption management is a plus
- Experience in defining, developing, and implementing key risk and performance indicators strongly preferred
You will help to develop, implement, and monitor a strategic, comprehensive risk and control assurance program.
In this role you will lead us in the complexity of risk and security assurance for our digital solutions and platforms, both in the U.S. and abroad. You will provide guidance on security & privacy obligations needed and establish a plan on how to achieve them.
You will ensure that security policies and programs are compliant with relevant laws, regulations and policies to minimize or eliminate risks and audit findings. You may be consulted as part of creating and managing information security and privacy awareness training programs for team members, contractors and approved system users as well.
You will lead the design, development, testing, and implementation of automation solutions to validate the design and operating effectiveness of cyber control and policy requirements. You will review existing policy and control requirements and identify ways for measuring compliance using automated capabilities. You will analyze and lead discussion around architectural options, ensuring all options are considered to ensure optimal deployment.
You will be responsible for architecting, designing and implementing the automated solution(s). You will also develop actionable dashboards and provide regular reports to leadership highlighting key insights about the organization's cyber security posture.
Equal Opportunity Employment Disclaimer
McKinsey & Company is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, and other protected characteristics.