Job responsibilities
- Participate in effective planning, design, conduct, and evaluation of both internal and external resiliency simulations and testing in accordance with the firm’s business and technology standards as well as global regulatory frameworks
- Support across all aspects of exercise project management, spanning the entire engagement lifecycle (i.e., plan, design, conduct, and assess) to include scheduling meetings, reserving venues, facilitating discussions, and providing senior leader project updates
- Coordinate with key stakeholders across the firm to develop tailored, all-hazards simulation scenarios that achieve business, resiliency, technology, and/or cyber incident response objectives
- Support post-exercise after-action analysis, reporting, and assessment, synthesize corrective actions, implement tracking/monitoring of progress, and design future simulations to validate improvements
- Identify and address opportunities in process, procedures, tooling, and knowledge management.
- Support overall team strategy and capability uplift initiatives to drive rapid maturity
Required qualifications, capabilities, and skills
- Minimum 3 years of experience in planning, developing, and coordinating incident response playbooks, runbooks, or other key operational processes across a large organization. General knowledge of, and experience working within, the financial services sectorin required
- Bachelor’s Degree in Computer Science / Information Systems / Engineering or related disciplines
- Ability to perform on specific weekends to support testing events
- Demonstrated ability to manage multiple, parallel, complex engagements collaboratively with a diverse set of stakeholders, subject matter experts, and senior leaders to build requirements and execute across a core set of project milestones
- Familiarity with how key international financial systems operate, to include an understanding of the current threat landscape, operational resiliency considerations, and possible systemic risk scenarios. Experience formulating and/or interpreting threat and risk analyses of cyber adversary techniques, technology disruptions, terrorist attacks, severe weather, and other major hazards
- Experience developing and presenting briefings to collaborative partners in addition to large group meeting facilitation and logistics planning
- Excellent writing skills and ability to communicate effectively. Proficiency in the use of Microsoft Office and related technologies. Background in metrics development, risk analysis & visualization, and automation in required
- The ideal candidate must demonstrate exceptional organizational skills necessary to plan, design, and coordinate the development of simulations and ensure crisis management and incident response procedures are integrated across the firm
Preferred qualifications, capabilities, and skills
- Hold relevant industry certifications showing expertise in cybersecurity and technology testing methodologies or resiliency
- Knowledge/experience in technology and business infrastructure
- Experience in proactive threat monitoring, assessment and analysis