What does a successful Cyber Risk Manager do at Fiserv?

The Cyber Risk Manager (CRM) is a respected role within Fiserv’s Global Cyber Security Services (GCSS) organization. The position is responsible for supporting the cyber security direction of the business and elevating the company’s cyber security posture. The CRM is expected to support GCSS security strategy within new and existing information system capabilities. Consequently, the position requires both an understanding of legacy systems, as well as new technologies and requirements.

The ideal candidate is technical and possesses at least three years of experience in cyber security, risk management, or compliance. The role supports the Cyber Risk Manager to oversee the business’ security requirements and obligations mandated by Fiserv’s cyber security policies and standards and regulations such as the Payment Card Industry Data Security Standard (PCI DSS), Health Information Portability and Accountability Act (HIPAA), and General Data Protection Regulation (GDPR).  The CRM monitors progress and enforces resolution of outstanding cyber security risks that may lead to non-compliance or security threats to the business. As a key member of the Information Risk Management team, the CRM must focus on strong cyber risk management practices.

What you will do:

• Coordinate with business partners to safeguard against undue cyber security risk. Escalate to Cyber Risk Managers and business unit leads when points of weakness are discovered.
• Support the Cyber Risk Manager to identify, assess, document, communicate, and monitor cyber security risks.
• Analyze findings, document, recommend, and report program gaps to Cyber Risk Managers.
• Compile monthly qualitative and quantitative metrics that demonstrate the business group’s cyber security posture.
• Attend and fully engage in cyber risk management meetings.
• Perform other duties as assigned.

What you will need to have:

• Bachelor’s degree in computer science, information assurance, MIS or related field, or equivalent industry experience.
• At least 3+ years’ experience in cybersecurity as a practitioner and with at least 1 to 3+ years exposure with various security frameworks.
• Strong business acumen and cyber security technology skills for well-rounded proficiency, as well as proven ability to align with cyber security practices.
• Experience in one or more of the following: NIST, ISO 27001/2, or ITIL.  Experience and understanding of various regulatory requirements and laws, including but not limited to PCI, HIPAA, and GDPR.
• Exceptional written and verbal communication skills and proven ability to translate cyber security risk to all levels of the business.
• Capacity to understand legacy and progressive technology and security controls along with respective risk. Working knowledge of technologies such as cloud computing, DevOps, and application security is required.
• Prior experience using GRC systems from vendors such as Archer, Rsam, ServiceNow.
• Holds or is working toward one or more of the following: CISSP, CRISC, CGEIT or GRCP
• Work Location: Berkeley Heights or Alpharetta, GA or Dublin, Ohio

Perks at Fiserv:

• Maintain a healthy work and life balance with paid holidays and our generous Time Off policies
• Plan for your future with the Fiserv 401(k) Savings Plan and Employee Stock Purchase Plan
• Cherish time with your newborn with our Parental Leave program
• Join Employee Resource Groups that promote our diverse and inclusive culture where associates can build their network and share their perspectives
• Fiserv offers an expansive and always-growing list of benefits, in addition to those listed, to help with your physical, mental, emotional, and financial well-being.