Cyber Software Security Expert

Software, Security
Full Time

Job Description

We are seeking a Cyber Software Security Expert for a permanent position with our financial client in NYC.

This group is responsible for developing, executing and maintaining a superior information security program that promotes resiliency by identifying and mitigating cyber risks and threats through risk-based consultation, advice, and direction for controls, designs, and investments for the entire Bank.

Your role as a Cyber Software Security Expert:
  • Design, develop and execute software security practices and strategy by building and maintaining security policies for tooling (SAST, DAST, OSS, IAST) to increase effectiveness and reduce false positives; promote and build procedures for the security champions in the Agile squads; and bring IS policy and standard expertise into the Agile Scrum squads.
  • Experienced in running software security technical testing tools and reviewing their results to identify vulnerabilities and contextualize the business impact of cyber risks.
  • Design, develop and execute NIST-based cyber risk assessment practices and strategy by building and maintaining industry risk-based risk management practices.
  • Identify, measure, monitor, and report on security risks within the information technology domain, and assess the adequacy of controls, including information security, cyber security, software security practices and mitigation practices for technical vulnerabilities.

  • Overall, 7+ years of experience in enterprise cyber risk assessment and management and software security practices, or equivalent experience
  • Possession of or the ability to obtain and maintain National Security Clearance, which includes U.S. Citizenship
  • Understanding of risk management and control frameworks (NIST 800-53) and industry best practices. Understanding of vulnerability risk impact on key objectives and critical processes; ability to link risk management programs and initiatives to inform critical business strategies and processes
  • Knowledge of and experience implementing industry standards, frameworks, and best practices in cyber risk management programs, practices, and processes inclusive of risk identification, analysis, response, communication, monitoring and escalation.


Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Visit to contact us if you are an individual with a disability and require accommodation in the application process.
Dice Id : 10107614
Position Id : 313226
Originally Posted : 1 month ago