Login

Senior Information Risk Specialist

BNY Mellon | United States

Applying to this job will open a new window on the employer's web site to apply there.
Posted Date 2/10/2025
Description

Senior Information Risk Specialist

At BNY, our culture empowers you to grow and succeed. As a leading global financial services company at the center of the world’s financial system we touch nearly 20% of the world’s investible assets. Every day around the globe, our 50,000+ employees bring the power of their perspective to the table to create solutions with our clients that benefit businesses, communities and people everywhere.

We continue to be a leader in the industry, awarded as a top home for innovators and for creating an inclusive workplace. Through our unique ideas and talents, together we help make money work for the world. This is what #LifeAtBNY is all about.

We’re seeking a future team member for the role of Senior Information Risk Specialist to join our Information Security Division – Business Information Security Office. This role is located in Washington, DC; Lake Mary, FL; or Pittsburgh, PA – HYBRID.

In this role, you’ll make an impact in the following ways:

  • Possess deep understanding of the National Institute of Standards and Technology (NIST) Risk Management Framework and supporting legislation such as the Federal Information System Modernization Act of 2014 (FISMA).
  • Develop and maintain comprehensive security documentation required by FISMA, including conductive frequent reviews and updates for continued accuracy.
  • Ensures internal controls related to information risk management are effective and drive the review of continued compliance to NIST requirements.
  • Lead the Authority to Operate (ATO) processes for information systems.
  • Demonstrate a breadth of knowledge of information risk management best practices and a thorough understanding of control and risk management concepts.
  • Perform security control assessments, including establishing metrics and measures to assess security control effectiveness, and provide recommendations for any areas of improvement.
  • Serve as the primary point of contact for all inquiries pertaining to audits, security documentation, and control compliance.
  • Displays the ability to collaborate with team members (technical and non-technical) to ensure issues are addressed and relevant technical risk information is collected.
  • Provide briefings on the ATO status, audit findings and remediations, and current control gaps.
  • Contribute to reducing the likelihood of negative reputational and regulatory due to non-compliance with the Bank's information risk management policies and standards, including local procedures specific to the assigned business/business partner areas.
  • Identify and assess potential threats and vulnerabilities.
  • Prepare and coordinate the evidence required for audits, including responding to any audit findings.

To be successful in this role, we’re seeking the following:

  • Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred.
  • 8+ years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus
  • Experience with federal compliance preferred.
  • Individual must possess the ability to obtain and maintain a Public Trust security clearance and obtain Personal Identity Verification (PIV) credentials for federal systems access.
  • Demonstrated experience managing or executing successful ATO processes preferred.
  • Certified Information Security Management (CISM), Certified Information Systems Security Professional (CISSP), or Certified Information Systems Auditor (CISA) security certification preferred.
  • Demonstrate deep understanding of FISMA requirements and NIST special publications (800-53, 800-37, 800-171).
  • Excellent decision-making skills, moral/ethical standards, teamwork/collaboration, multitasking, and attention to detail.
  • Exceptional organization and process management skills.
  • Strong knowledge of the Risk Management Framework (RMF).
  • Proficiency in M365 applications.

At BNY, our culture speaks for itself. Here’s a few of our awards:

  • America’s Most Innovative Companies, Fortune, 2024
  • World’s Most Admired Companies, Fortune 2024
  • Human Rights Campaign Foundation, Corporate Equality Index, 100% score, 2023-2024
  • Best Places to Work for Disability Inclusion, Disability: IN – 100% score, 2023-2024
  • “Most Just Companies”, Just Capital and CNBC, 2024
  • Dow Jones Sustainability Indices, Top performing company for Sustainability, 2024
  • Bloomberg’s Gender Equality Index (GEI), 2023


Our Benefits and Rewards:

BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.

BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.

Share this opportunity