Talent page

Vacancy Opportunities throughout our Network
Holland FinTech
Holland FinTech
184
companies
3,597
Jobs
Search
jobs
Explore
companiesTalent
network
My job alerts
\n

\n","datePosted":"2023-08-31T13:40:31.653Z","employmentType":[],"hiringOrganization":{"@type":"Organization","name":"McKinsey & Company","sameAs":"https://mckinsey.com","logo":"https://cdn.filestackcontent.com/output=f:webp,t:true,q:80,c:true/cache=expiry:max/resize=w:340/P77DPRtGTye15MmkcIyC"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"San Jose, CA, USA"}}}

Cyber & Data Compliance Analyst

McKinsey & Company

IT, Legal
San Jose, CA, USA
Posted on Thursday, August 31, 2023
Apply
Risk & Compliance

Cyber & Data Compliance Analyst

  • San Jose
Apply Now

Who You'll Work With

You’ll work as a core member of a team that is globally distributed across Costa Rica, Prague, Canada and various offices in the United States. You’ll be part of our Cyber & Data Risk & Compliance team in Costa Rica. You will work with the team to ensure policy compliance, manage risks, and drive collaboration for cyber priorities.

What You'll Do

You will work as part of the firm’s global Cyber and Data Risk and Compliance team to provide a “single pane of glass” and ensure accurate snapshot of our cybersecurity posture to guide cybersecurity priorities, enhancements, and investments. The goal is to drive compliance against all cyber and data policy requirements.
You will help deliver an end-to-end, holistic approach that ensures detected policy violations are appropriately tracked to effectively manage underlying risks. You will track issues from the policy monitoring and violation detection program and work with product teams and specific individuals to ensure actions plans are in place to mitigate risk, risk exceptions and acceptances are reviewed and approved by appropriate individuals, escalations are performed when needed, and consequences are imposed to promote compliance and accountability.
You will work closely and collaboratively with various functions, cells, and teams across the firm to promote timely detection of gaps and identify enhancement opportunities against a prioritized set of requirements for all cyber and data policies. You will work with various teams to ensure issues identified through various sources including due diligences performed prior to deal closing for acquisitions, automated mechanisms in place to detect product level gaps, and all audits and assessments are appropriately managed.
Specifically, this role will handle the end-to-end compliance processes for all pre-defined and ad hoc policy violations detected real time. This will include reviews and assessments to determine design and operating effectiveness against a set of cyber and data policy requirements, alerts & escalations to ensure colleagues and teams are aware of policy violation, follow-ups with issue owners to ensure timely execution and delivery against plans. You will support the creation of periodic reports for SteerCo and other leadership committee groups to highlight critical issues and constraints for decisioning and actioning.

Qualifications

  • Bachelor’s degree in computer science, information security or technology related field
  • 2+ years of experience in risk management, information security, or IT
  • Exhibit excellent written and analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
  • Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Senior Analyst (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired
  • Knowledge of common information security management frameworks and past participation in both initial certification and renewal of one or more of: ISO/IEC 27001, SOC 2/SSAE 16, PCI DSS, etc.
  • High degree of personal ownership to ensure quality work is delivered on time
  • Ability to collaborate with others and work in both a team environment and independently
  • Attention to detail, process and organization with the ability to prioritize across different workstreams
Industries
  • High Tech
Capabilities
  • Risk & Resilience
  • Technology
Apply Now

FOR U.S. APPLICANTS: McKinsey & Company is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by applicable law.

FOR NON-U.S. APPLICANTS: McKinsey & Company is an Equal Opportunity employer. For additional details regarding our global EEO policy and diversity initiatives, please visit our McKinsey Careers and Diversity & Inclusion sites.

Job Skill Group - CSSA
Job Skill Code - CYRA - Analyst, Cyber and Data Risk
Function - Risk & Resilience;Technology
Industry - High Tech
Post to LinkedIn - Yes
Posted to LinkedIn Date - Wed Aug 30 00:00:00 GMT 2023
LinkedIn Posting City - San Jose
LinkedIn Posting State/Province -
LinkedIn Posting Country - Costa Rica
LinkedIn Job Title - Cyber & Data Compliance Analyst
LinkedIn Function - Analyst;Information Technology
LinkedIn Industry - Computer & Network Security;Information Technology and Services
LinkedIn Seniority Level - Not Applicable
Apply now
See more open positions at McKinsey & Company
Privacy policyCookie policy