18 enterprise risk management jobs found in Boston, MA

The Information Security Manager is responsible for establishing and maintaining a corporate wide information security management program to ensure that information assets are adequately protected. This position is responsible for identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise. The ISM serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee, and business information in compliance with the organization's information security policies. A key element of the ISM's role is working with executive management to determine acceptable levels of risk for the organization. The ISM must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode. The ISM's job is...

Overview Reporting to the Director of Operational Risk, Information Security & Vendor Management, the Information Security Risk Manager is responsible for assisting the Director of Operational Risk, Information Security & Vendor Management with maintaining and continually enhancing the Bank's information security and second line testing programs. In particular, responsibilities include the development, coordination, implementation, governance, and ongoing management of enterprise-wide policy and controls. Responsibilities Utilize industry experience and knowledge to provide expertise and support to ensure the Bank's information security program remains in compliance with applicable standards and regulations, including evolving data privacy regulations. Adhere/enhance control testing processes to ensure information security, risk, and vendor management policies are adhered to. Assist with the management of cyber security compliance functions including reporting on...

At Wells Fargo, we are looking for talented people who will put our customers at the center of everything we do. We are seeking candidates who embrace diversity, equity and inclusion in a workplace where everyone feels valued and inspired. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you. Learn more about the career areas and lines of business at wellsfargojobs.com . About this role: Wells Fargo is seeking a Senior Lead Cyber Security Research Consultant in technology as part of the Advanced Research Engineering (ARE) Team within the Cyber Threat Management Group (CTMG) to be part of a dedicated team of research engineers who are tasked with independent research and recommending complicated cyber security solutions. This Senior Lead Research Consultant will have experience in advanced engineering, custom automation development, micro services, cloud computing and in-depth knowledge of cyber security controls. In this...

At Wells Fargo, we are looking for talented people who will put our customers at the center of everything we do. We are seeking candidates who embrace diversity, equity and inclusion in a workplace where everyone feels valued and inspired. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you. Wells Fargo is seeking a Lead Information Security Analyst in Technology as a part of The Enterprise Data Loss Prevention (EDLP) Solutions team. Learn more about the career areas and lines of business at wellsfargojobs.com The Lead Information Security Analyst is a key role supporting our mission to prevent inappropriate external sharing and distribution of sensitive company, customer and employee information. In this role, you will: Design, implement, and tune rules and techniques to prevent risky user behaviors in partnership with security, investigative partners, business groups and other stakeholders Lead and support enterprise...

About this role: The Enterprise Data Loss Prevention (EDLP) Innovation team Lead Information Security Analyst is a key role supporting our mission to prevent inappropriate external sharing and distribution of sensitive company, customer and employee information. Responsibilities include, but aren't limited to: - Designing, implementing and tuning rules and techniques to prevent risky user behaviors in partnership with security, investigative partners, business groups and other stakeholders. - Lead and support enterprise transition to next-generation cloud-based DLP solutions. - Lead and support ongoing rule/technique change management and associated controls execution. - Assist with inquiries from risk partners, Internal Audit and regulatory bodies on EDLP controls and procedures. In this role, you will: Provide advanced information security consultation for all aspects of information security compliance policy, risk management, and remediation...

About this role: Our ICS team is looking for an information security leader to join our Enterprise Data Loss Prevention (EDLP) team as the manager of the DLP Triage function. The manager will be responsible for leading a team of roughly 8+ in identifying, triaging and managing potential data loss events and data protection initiatives through appropriate resolution paths. This role will partner closely with the EDLP Response and Innovation teams to identify emerging patterns of risky user behaviors and develop actionable recommendations for DLP policy rule enhancements and tuning. General duties include managing daily operations and resource assignments, partnering with security control stakeholders to reduce risk of data loss, continuous tuning/optimization of operations to improve effectiveness and efficiency, as well as responding to audit and regulatory obligations. The position involves regular interactions with senior leadership and business-aligned security leaders,...

About this role: Wells Fargo is seeking a Lead Information Security Engineer. In this role, you will: This position will support the IAM Organization in knowledge and alignment with Information Cyber Security (ICS) and IAM organizations for access needs. Deliver process consistency across Wells Fargo EIT supporting Access Management initiatives Works with a variety complex applications and/or application initiatives. Utilizes a thorough understanding of available technology, tools, and existing designs. Works on the most complex problems where analysis of situations or data requires evaluation of intangible factors. Assist with solution design to streamline and modernize authentication, authorization and federation capabilities for applications. Build and maintain strong relationships with various stakeholders throughout the organization. Serves as the highest level of information security consultant to all internal clients, technical...

About this role: Wells Fargo is seeking a Cyber Security Research Consultant. This role will be focused on building a library of capabilities that can be used by internal adversarial security staff to more efficiently perform day to day operations or recreate attacks from previous assessments quickly and easily. This role will be directly engaged with the development of tools and containers that will allow a self-service capability for security consultants to perform activities in an on-demand manner. This role will both seek out automation opportunities as well as take in requests from partner teams for tools that would enhance organizational capabilities. In this role, you will: Perform adversarial security research, develop exploits, and test them Write and maintain scripts to automate repeatable research, analysis, and cybersecurity testing tasks Identify and pursue automation opportunities (such as infrastructure as code (IaaC)) Participate in...

About this role: Wells Fargo is seeking a Lead Information Security Analyst that will be focusing on examining and testing security controls, and assessing how business functions engage and interact with technology in order to tailor initiatives to react to technological trends while exceeding IT security measures. In this role, you will: Provide advanced information security consultation for all aspects of information security compliance policy, risk management, and remediation Direct information security risk assessment and research, and recommend remediation plans and strategies Influence stakeholders on net new or on material changes to an asset to influence control decisions Provide consulting on security risk assessment and research, and recommend remediation plans and strategies Act as more experienced lead to the organization to develop security risk awareness and mitigating actions Consult the organization on complex security issues...

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Come make an impact on the communities we serve as we help advance health equity on a global scale. Here, you will find talented peers, comprehensive benefits, a culture guided by diversity and inclusion, career growth opportunities and your life's best work.(sm) General Security Engineering: Making critical decisions on enterprise security policies Reporting and reviewing the compliance status and taking remediation actions Understanding of network security best practices and standards through auditing, policy analysis, firewall request review and processing Implement suggested solutions and innovative approaches to complex issues, as well as complex conceptual analysis,...

Combine two of the fastest-growing fields on the planet with a culture of performance, collaboration and opportunity and this is what you get. Leading edge technology in an industry that's improving the lives of millions. Here, innovation isn't about another gadget, it's about making health care data available wherever and whenever people need it, safely and reliably. There's no room for error. Join us and start doing your life's best work.(sm) The Sr. Information Security Engineer – IAM SSO will be part of the Web Access Management team (WAM) in the Optum Technology Information Risk Management Division (IRM). The WAM team is focused on integrating customers (internal and external to Optum/UHC) with the appropriate security tools for authenticating users with applications. The primary role of the Engineer is to design, configure and support access management solutions in accordance with our operating guidelines and security practices. This is an individual...

The Segment Information Security Officer (SISO) is responsible for overseeing the segment information risk management program and supports Enterprise Information Security (EIS) processes and programs.  The SISO is an EIS process expert and acts as a central point of contact for security process issues and questions.  The SISO is deemed a critical integration point with business leadership teams and is considered a change agent for the business in understanding security risks and the role and responsibilities of EIS, as well as ensuring that EIS fully understands and is engaged to support the needs and objectives of the business.  The SISO provides management and strategic support, reports to the Business Information Security Officer (BISO) and works as a delegate of EIS. Major Responsibilities Assist in enterprise and EIS risk management processes and execution. Partner with segment technology and business leadership to guide segment-level risk management and...

About this role: Wells Fargo is seeking a Senior Information Security Engineer to join our Security Remediation Team (SRT). Engineers in SRT are responsible for technology hygiene defect tracking and remediation. These defects include technology misconfigurations/errors as well as observed configurations that do not meet WF defined baselines and policies. A strong candidate will be well rounded in terms of technology knowledge and experience with particular strength in troubleshooting and root cause analysis. In this role, you will: Lead or participate in computer security incident response activities for moderately complex events Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards Design, document,...

Combine two of the fastest-growing fields on the planet with a culture of performance, collaboration and opportunity and this is what you get. Leading edge technology in an industry that's improving the lives of millions. Here, innovation isn't about another gadget, it's about making health care data available wherever and whenever people need it, safely and reliably. There's no room for error. Join us and start doing your life's best work.(sm)  This position is responsible for leading cross functional teams within the Enterprise Resilience (ER) function within Enterprise Information Security (EIS).  The ER function is an enterprise function, serving all businesses across UHG, UHC, and Optum.  It is comprised of three core functions (Business Continuity, Disaster Recovery, and Crisis Management).   The Enterprise Resilience organization ensures that all enterprise businesses have current and effective business continuity and technology disaster recovery plans in place for both...

Discovery is at the heart of everything we do. Wherever you find us around the world, if you can think of a product, you can probably find it in our stores, which include TJ Maxx, Marshalls, HomeGoods, Sierra, Winners, Homesense, and TK Maxx. With variety comes plenty of happy surprises—our environment is ever-changing, and that’s just how we like it. Every day is an opportunity to discover something new about our business, our partnerships and even something exciting about yourself. Ready to Discover Different?   What you’ll do As the manager of the Application Security team you will been seen as a security evangelist, you are able translate sophisticated security concepts into language that is meaningful to many audiences, including business and technical leaders and individual contributors. Strong candidates will approach application security from the perspective of risk management and avoid purely academic thinking about software security. This is a very visible...

Modis has a direct hire opportunity for an Information Security Operations Manager. Responsibilities Manage production issues and incidents and participates in problem and change management forums. Recommend and coordinate the implementation of technical controls to support and enforce defined security policies. Manage outsourced vendors that provide information security functions Manage and coordinate operational components of incident management, including detection, response and reporting. Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk Manage the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing a realistic overview of risks and threats in the enterprise environment Manage a staff of information security professionals, hire and train new staff, conduct performance reviews, and provide...

Information Security SOC Analyst - Remote At TTEC, we're all about the Human Experience. Elevated. As a Information Security SOC Analyst working remotely in the US, you'll be a part of creating and delivering amazing customer experiences while you also #ExperienceTTEC, an award-winning employment experience and company culture. The Info Sec SOC Analyst will use various tools and dashboards to monitor the TTEC environment for potential security events. The SOC Analyst will triage the events to detect legitimate security concerns, and respond according to established playbooks. The SOC Analyst will also manage, maintain, and monitor TTEC security solutions and processes to provide Tier 1 Support and Security Incident Management. The SOC Analyst will perform a variety of security duties and will ensure they are fulfilled in a timely and professional manner. The Security Operations Center (SOC) will interact frequently with other members of the Information Security team, and other...

Location: Johnston, RI Description: Hi,Hope you are doing well!If interested, please send your updated resume at isawant@judge.com Job title: Senior Cyber Security Specialist Location: Johnston, RI 02919 (Hybrid) Duration: Full Time (permanent)   Job Description: Position Summary: •                     The Cyber Threat Operations and Engineering team is responsible for the implementation, operation, maintenance, and growth of technology solutions intended to mitigate cyber security threats. These solutions range from network security technologies like firewalls, URL filters, intrusion detection/prevention systems, advanced threat prevention technologies, and web application firewalls to server and endpoint solutions such as filesystem monitoring, filesystem encryption, vulnerability management and malware detection/prevention agents. •                     This team is also responsible for ensuring that documented standards and processes for all...