IT Risk and Cybersecurity Senior Manager

  • 40 Rector St, New York, NY 10006, USA
  • Full-time

Company Description

Sia Partners is a leading global strategic and operational management consultancy and a pioneer of Consulting 4.0, with more than 1,550 consultants spread across 25 offices globally. Sia Partners operates within numerous industry sectors, including Financial Services, Insurance, Energy, Healthcare, Government, Manufacturing and Telecommunications & Media, among others. Our innovative approach has led us to welcome disruption through AI and invest deeper into our Data Science field and automation capabilities. Sia Partners US is the coordinating entity for the Americas, engaged primarily by major Financial Services, Technology and Energy clients operating in New York, Charlotte, Houston, Seattle, Denver, San Francisco, Chicago, Boston and Baltimore.

Sia Partners champions high-quality customized client service through its experienced consultants and subject matter experts playing hands-on roles. Our range of services in North America includes project management and business analysis specializing in long-term Strategic and short-term Tactical Advisory Services, Automation through RPA & AI, Regulatory & Compliance, Energy, Finance, Accounting, Operational & Market Risk Management and Governance & Control Environments. 

Job Description

Sia Partners is searching for an IT Risk and Cybersecurity Director to lead the firm’s IT Risk and Cybersecurity engagements. This individual will assist banking and insurance clients with Cyber Security, IT Audit & Risk Assessments by examining systems and procedures and helping clients understand and quantify risk exposures, evaluate risk strategies, and build and maintain risk models by managing an engagement or providing ad-hoc assistance to several engagements.

This includes gathering and analyzing information, formulating and testing hypotheses, and developing and communicating recommendations. The individual will be responsible for presenting results to client management and implementing recommendations in collaboration with client team members. The Director will be expected to contribute to knowledge development by helping define and expand distinctive risk-based methodologies to support top management-level strategic decisions.

Responsibilities Include:

  • Lead reviews of clients' Cybersecurity Policies and Procedures
  • Assess IT risk and control frameworks, advise on technical standards and technology platforms
  • Reconciliation of data projects
  • Participate in performing penetration tests and reporting
  • Consistently deliver quality client services.
  • Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes.
  • Technical understanding of IT infrastructure and IT Risk processes (business continuity and disaster recovery principles, internal and external IT audit, IT incidents including change management and capacity planning, threat intelligence)
  • Strong knowledge of regulatory requirements and compliance issues affecting clients related to privacy and data protection, such as PCI DSS, GLBA, GDPR, International Cross Border, and U.S. State Data Privacy Laws.



  • 7 – 15 years of experience in IT Risk, Audit, Compliance, Consulting and Cybersecurity; knowledge of writing and assessing control frameworks
  • Undergraduate and/or advanced degree (MBA, JD, PhD or equivalent) from a top university
  • Project management skills, ability to prioritize
  • Certification of CISA and/or CISSP
  • Ability to multi-task competing priorities while maintaining a high degree of accuracy and attention to detail
  • Extensive leadership experience
  • Strong understanding of networking (TCP/IP, OSI model), operating system fundamentals (Windows, UNIX, mainframe), security technologies (firewalls, IDS/IPS, etc.) and application programming/scripting languages (C, Java, Perl, Shell).
  • Stay abreast of current business and industry trends relevant to the client's business.
  • Knowledge of IT Frameworks (COBIT, NIST…). Optionally, COBIT 5 framework general concepts.
  • Technical architecture experience integrating data protection software into clients' infrastructure; network architecture design, implementation and administration.


  • Knowledge of Financial Services Cybersecurity Compliance Requirements such as FFIEC CAT, NYDFS 500
  • Prior experience with Business Development / Sales
  • Python, R, Java or SAS for data analytics
  • Power BI, Tableau, dashboarding or data visualization for reporting
  • RPA (Robotic Process Automation): UiPath, Blue Prism, Automation Anywhere or Pega
  • Workflow / Business Process Management Tools (e.g., Pega, Appian)

Additional Information

EEO Guidelines

All your information will be kept confidential according to EEO guidelines. Sia Partners is an equal opportunity employer. At Sia Partners, we are committed to treating all Applicants and Associates fairly based on their abilities, achievements, and experience without regard to race, national origin, sex, age, disability, veteran status, sexual orientation, gender identity, or any other classification protected by law.
