Cyber Security Engineer - Sr. Consultant level - Regulatory, Audit, & Compliance

About The Position

Requirements

• 8+ years of relevant work experience with a Bachelor's degree or at least 5 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 2 years of work experience with a PhD, OR 11+ years of relevant work experience.
• 8-10 years of leadership experience in Information Security, Audit, Risk, and/or Compliance.
• 6+ years direct participation and experience across common industry security policy areas, including PCI-DSS, NIST, COSO, COBIT, FFIEC, SOX, SSAE16/ISAE3402, SOC 2 and others.
• Proven experience collaborating with multiple stakeholders on both internal and external delivery and communication initiatives.
• Expertise in implementing and integrating enterprise GRC solutions, including AuditBoard, with hands-on experience in system integrations and platform administration.
• Hands-on experience with workflow automation, APIs, scripting, or low-code/no-code tools.
• Strong executive presence and exceptional communication skills, with experience in audit, compliance, regulatory discussions, and proactive readiness activities with internal partners and external clients.
• Capability to influence beyond the immediate team and engage with more experienced or senior individuals.
• Must be highly flexible and able to manage multiple tasks and priorities under tight deadlines.
• Data Analysis skills using Microsoft Excel, SQL, or other scripting languages.
• Broad and deep experience across PCI standards (DSS, PIN, P2PE, Token etc.) with the ability to apply the standards with confidence across different organizational contexts.
• Previous experience in implementing or managing Governance, Risk, and Compliance (GRC) tools, as well as developing dashboards and creating tools to automate tasks to enhance efficiency.
• Prior experience in utilizing Artificial Intelligence tools to improve efficiency.

Nice To Haves

• Advanced Degree (e.g., Masters, MBA) in related field.
• Bachelor’s degree in Computer Science, Information Systems, Management Information Systems, or Business Administration or another related field.
• CISSP, CISA, CISM, CEH, PCI QSA/ISA Certifications preferred.

Responsibilities

• Oversee and manage audits, compliance, and regulatory activities related to Cybersecurity, including FBA/FFIEC, Bank of England, other regulators, GLBA, SSAE16/ISAE3402, SOC 2, PCI-DSS, Sarbanes-Oxley (SOX), internal audits, ISO, NIST, COSO, COBIT, and customer/client inquiries.
• Collaborate with Cybersecurity, Technology, Compliance, Audit, and HRIS teams to automate manual compliance and control tasks for ongoing audit readiness.
• Regularly review, analyze, and apply current technologies, including AI and machine learning, to enhance automation, efficiency, and risk management within Regulatory, Audit, and Compliance functions.
• Build intuitive dashboards and reporting capabilities for stakeholders, providing real-time visibility into the risk and compliance posture of critical business systems.
• Advise Cybersecurity leadership on the status of technology risk and compliance issues, based on assessment results and information from various monitoring and control systems.

Benefits

• Medical
• Dental
• Vision
• 401 (k)
• FSA/HSA
• Life Insurance
• Paid Time Off
• Wellness Program