Role
- 5+ years managing information security governance, risk, and compliance
- Demonstrated knowledge of industry authoritative sources such as NIST Cybersecurity Framework, SOC2 and ISO standards, FFIEC framework and NYDFS-Part 500 regulations
- Bachelor’s degree in information technology or security discipline (e.g. cybersecurity) or related work experience
- Industry recognized security certifications are a plus (e.g. CISSP, CISA, CISM, CEH, etc.)
- Skilled at planning, tracking plans, working across departments to review risks, controls and processes, and gathering and organizing documentation and test results
- Experience leading risk assessments, audits, policy, governance, and / or reporting, preferably in a financial institution
- Assist with mapping controls to policies, procedures, and processes and testing of those controls to ensure adequate coverage
- Establish and maintain information security documentation
- Work with system / application owners in the remediation and tracking of system / application deficiencies.
- Assist with increasing the maturity of the IS program, strategy and process.
- Supervising and delegating tasks to at least 1-2 IS Team members.
- Working with various IS tools so that they are tailored and optimized for IS monitoring and reporting, along with preparing IS related reports daily, weekly, monthly or as needed.
- Provide security services in identifying, assessing, managing, and tracking remediation of information security risks related to IT infrastructure, applications, platforms and suppliers and drive explicit requirements and timelines in all environments
- Provide updates to the CISO and / or CRO on progress of remediation efforts