Cybersecurity Program Strategist - Assessments and Remediation

About The Position

Requirements

• Bachelor's degree in business administration, technology related field or equivalent education and related training
• Five years of demonstrated progressive experience in Cybersecurity experience
• Foundational knowledge of cybersecurity terms, concepts, disciplines and frameworks
• Able to work all hours scheduled, including overtime as directed by manager/supervisor and required by business need.

Nice To Haves

• Knowledge of financial services industry and all applicable regulations and industry standards
• Cyber security certifications such a Security +, CISA, CEH are a plus
• Basic familiarity with GitLab SaaS and CI/CD pipelines, including an understanding of how security controls and testing activities integrate into the software delivery lifecycle.
• Advanced familiarity with Archer (preferred), ServiceNow (preferred), IBM OpenPages or other Governance Risk and Compliance (GRC) platform

Responsibilities

• Partner closely with lines of business and internal IT teams to thoughtfully evaluate initiatives, releases, and projects, ensuring technical and cybersecurity requirements are clearly understood and aligned to business objectives.
• Serve as a trusted advisor by researching and translating business needs into practical, risk‑aware technical solutions through collaboration with internal delivery and application teams, solution providers, and subject matter experts.
• Clearly communicate and document findings, recommended solutions, impact analysis, and associated risks in a manner tailored for senior leadership and C‑Suite audiences.
• Lead issue management and remediation efforts within Archer, ensuring issues are accurately documented, ownership is clear, and remediation plans are actionable, measurable, and effectively tracked through resolution.
• Document cybersecurity findings and remediation strategies with executive‑level clarity, balancing technical accuracy with business context to support informed decision‑making.
• Oversee and perform qualitative and quantitative analysis to help guide program strategy and inform both near‑term execution and longer‑term planning.
• Provide informed recommendations on cybersecurity projects and initiatives, incorporating an understanding of the Technology Delivery Lifecycle/Software Delivery Lifecycle (TDLC/SDLC) frameworks and how security controls are integrated throughout the lifecycle.
• Demonstrate working knowledge of foundational cybersecurity controls and practices, such as SAST, DAST, penetration testing, identity and access management (IAM), and related risk‑reduction techniques.
• Consult with business leaders to help design, refine, and mature processes and procedures that strengthen security, resilience, and regulatory alignment.
• Maintain awareness of enterprise technology, infrastructure, standards, and strategic direction, leveraging this understanding to guide partners toward secure, scalable solutions that support overall business goals.

Benefits

• medical
• dental
• vision
• life insurance
• disability
• accidental death and dismemberment
• tax-preferred savings accounts
• 401k plan
• 10 days of vacation
• 10 sick days
• paid holidays