BNY Mellon (BNYM) is seeking a highly motivated professional with Cyber Security experience to join its Cybersecurity Audit team. The successful candidate will lead our cybersecurity presence in EMEA and will be responsible for assessing global and regional BNYM cybersecurity controls; ensuring adherence to regional and global regulations; manage projects (on time, within budget, quality-controlled) and in accordance with department methodologies and standards, and applicable regulatory requirements; maintaining relationships with key regional Internal Audit and Information Security Department Staff that maintain relationships with regulators across the EMEA region and manage EMEA regulator Cybersecurity information requests , lead project planning, including scoping and risk analysis; leverage advanced business knowledge or experience in order to practice strategic or systemic results; provide knowledge sharing and support of intellectual capital in a specialized technical area within audit groups or across the department; engage in relevant training regarding audit, regulations, or a particular specialty and actively seek to apply this knowledge role and pass it on to the wider audit team; demonstrate skills through advanced analysis of cybersecurity processes and issue identification as well as discussions with the project leader, audit manager, and auditees; understand business strategies, processes and regulations effectively and quickly across multiple area of the Bank; serve as an advisor in enhancing the control environment and operational efficiency; manage multiple ongoing projects and relationships while effectively responding to unplanned, critical needs; investigate unexpected situations, providing thoughtful analysis and resolution.

Some of the duties and responsibilities of this position include, but are not limited to:

Developing and executing a comprehensive cybersecurity audit strategy tailored to the EMEA region, aligning with regional regulatory requirements and global cybersecurity standards.
Leading and mentoring junior cybersecurity audit professionals, providing guidance to ensure the success of audit initiatives.
Staying up to speed with changes to EMEA cybersecurity regulations and standards and adapting the audit strategy accordingly.
Conducting thorough risk assessments specific to the EMEA region to identify and prioritize cybersecurity threats and vulnerabilities.
Planning and executing cybersecurity audits across various departments and systems, including network security, data protection, access controls, and incident response, with a focus on EMEA regulatory nuances.
Staying updated on regional cybersecurity trends, regulations, and emerging threats. Recommend the adoption of advanced cybersecurity technologies and practices relevant to the EMEA region.
Assessing and monitoring cybersecurity practices of third-party vendors, ensuring compliance with EMEA regulations and contractual requirements.
Supporting the auditing of security policies and procedures which safeguard infrastructure, systems, files, and data.
Performing Network Penetration testing.
Conducting application, network, and operating system security assessments.
Supporting investigations and research for possible computer security related incidents.
Supporting Threat Intelligence activities
Assessing incident response team actions and procedures.
Assessing Vulnerability Management programs.
Assessing security monitoring of clients, servers, applications, and network infrastructure activities.
Conducting log analysis to identify suspicious or malicious activity and anomalous behavior.
Represent cyber security on cross-functional IT project teams.
Supporting the analysis, design, functional review, and interpretation of requirements of security related hardware and software.
Understanding Data Protection risks and strategies.
Applying knowledge of key regulations and industry standards such as ISO 27001&2, NIST SP800-53, NIST Cybersecurity Framework
Knowledge of cybersecurity tools
Effective communication skills (both written and verbal)
Qualifications:

Bachelor's degree or equivalent combination of education and work experience required. Degree in accounting or Computer Science preferred. MBA, CISA, CISSP, CISM, or related certifications preferred. Relevant years of total work experience. Prior experience in Audit or Risk Management or Cybersecurity practices preferred. Additional core skill requirements include understanding of the applied and interpretation of analytics results for Audit, critical thinking and problem solving.
Reference : Senior Audit Project Leader (Cybersecurity) jobs