Current Statistics
1,431,407 Total Jobs 276,467 Jobs Today 17,279 Cities 222,692 Job Seekers 146,724 Resumes |
|
|
|
|
|
|
Head of Program and Projects for the Protect Pillar - Philadelphia Pennsylvania
Company: Brown Brothers Harriman & Co. Location: Philadelphia, Pennsylvania
Posted On: 04/25/2024
Head of Program and Governance for the Protect Pillar page is loaded Head of Program and Governance for the Protect Pillar Apply locations Philadelphia time type Full time posted on Posted 6 Days Ago job requisition id 60923 At BBH we value diverse backgrounds, so if your experience looks a little different from what we've outlined and you think you can bring value to the role, we will still welcome your application!What You Can Expect At BBH:If you join BBH you will find a collaborative environment that enables you to step outside your role to add value wherever you can. You will have direct access to clients, information and experts across all business areas around the world. BBH will provide you with opportunities to grow your expertise, take on new challenges, and reinvent yourself-without leaving the firm. We encourage a culture of inclusion that values each employee's unique perspective. We provide a high-quality benefits program emphasizing good health, financial security, and peace of mind. Ultimately we want you to have rewarding work with the flexibility to enjoy personal and family experiences at every career stage. Our BBH Cares program offers volunteer opportunities to give back to your community and help transform the lives of others.Responsibilities: - Assess components of the cyber program (SOC monitoring; vulnerability management; configuration management; secure coding; infrastructure defense; cyber incident reporting; BCP) against: (1) nationally recognized cybersecurity standards, e.g., NIST, FFIEC, etc.; (2) new regulatory requirements - DFS Part 500, amended and DORA; and (3) cyber programs of other financial services firms. Make recommendations to the Head of the Protect Pillar on areas of enhancements.
- - Primary lead for the Protect Pillar in implementing controls designed to comply with the second amendment to DFS Part 500; to Europe's DORA; and other cybersecurity, operational resilience or incident reporting-related regulations, as may be implemented (e.g., CSSF 24/847)
- - Keep abreast of evolving cyber security threats, trends, typologies and industry standards
- Train the Protect team on latest trends and typologies
- Assist in designing rules in Outseer, the vendor tool used to monitor for suspicious log-ins, including:
- Developing two risk profiles - one for PB and the other for InServ - and configuring rules tailored to each line of business
- Training the team on the use of the case management tool, and on researching IP addresses - including identifying the geographic location of the IP address; the ownership of the IP address, if available
- Developing a checklist that the team can use to assess each alert type in Outseer
- Developing a process to review prior alert reasons and tune/re-configure on a regular basis to minimize false positives and optimize quality alerts
- Assess components of the ISM process (access provisioning, authentication protocols, certification process) against: (1) nationally recognized cybersecurity standards, e.g., NIST, FFIEC, etc.; (2) new regulatory requirements - DFS Part 500, amended; and (3) authentication protocols of other industry participants. Make recommendations to the Head of the Protect Pillar on areas of enhancements.
- - On an annual basis, conduct cyber program maintenance: e.g., review/refresh previously approved cyber-related client due diligence responses; review/refresh cyber countries of interest (countries blocked by our firewalls; countries blocked from reaching our network; etc); assess KRIs/KPIs most helpful in identifying risk trends or trajectories.
- - Provide ad hoc assistance to the Head of the Protect Pillar as neededQualifications
|
|
|
|
|
|
|