Information Security GRC Lead
Securing Millennium’s complex and robust technical environment from external and internal threats is a top priority. This individual will be responsible for development and management of the Firm’s Information Security Governance structure that will include alignment to industry standard risk and control frameworks and the requisite measurement and reporting to appropriate internal audiences.
In this role, you will develop a pragmatic approach to help the Firm manage information and Cybersecurity Risk and ensure that senior leadership is well informed of Millennium’s position relative to emerging and evolving risk scenarios through both qualitative and quantitative measurement and reporting that is concise, informative, and written in the language of the business.
Other key activities will include; working closely with the business to understand overall risk appetite, working with control owners to ensure all information and cybersecurity controls are effective through pragmatic measurement and reporting that will evolve in maturity over time, and evaluating and responding to regulatory inquiries across the range of geographies Millennium does business.
Principal Responsibilities
- Develop and implement an Information and Cyber Security Governance Framework.
- Conduct regular risk and control management meetings with a limited set of key stakeholders
- Engage with Regulator Affairs and Compliance functions within the Firm.
Qualifications / Skills Required
- Bachelor's or Master's degree in Computer Science or Cyber Security.
- 7+ years of experience in Information Security, preferably in the financial services industry.
- Experience developing and leading an Information and Cybersecurity Governance program
- Proven knowledge of information security policies, standards, and governance controls in complex computing environments.
- Experience implementing and using common EGRC technology solutions.
- Information and cybersecurity risk management certifications (such as CGRC, CISM, CRISC) or equivalent experience required.
- Knowledge of Machine Learning (ML), Artificial Intelligence (AI) / Large Language Models (LLMs) in the context of business adoption and risk.
- Excellent written and verbal communication skills, with the ability to convey complex information simply and clearly to various groups within the organization.
- Ability to work across multiple time zones in large global environments
- Information and cybersecurity certifications (such as Security+, OSCP, CISSP, CEH, GCIA, GCIH) is a plus.
The estimated base salary range for this position is $175,000 to $250,000, which is specific to New York and may change in the future.
Millennium pays a total compensation package which includes a base salary, discretionary performance bonus, and a comprehensive benefits package.
When finalizing an offer, we take into consideration an individual’s experience level and the qualifications they bring to the role to formulate a competitive total compensation package.
Information Security- Lead Vulnerability Management Engineer
Active participation in information security industry forums or other info security leadership organizations. Bachelor's degree in Computer Sciences, Information Security, Information Systems, Engineering, Sciences or related field. Are you passionate about cybersecurity and eager to drive innovatio...
Security GRC Lead
Key Responsibilities:Manage and support audit engagements and fulfill audit requestsLead internal and external audits, documenting control management practicesAssist in risk assessments and track remediation of issues raised during auditsRequired Qualifications:Bachelor's degree in a technical/secur...
Information Security GRC Lead.
In this role, you will develop a pragmatic approach to help the Firm manage information and Cybersecurity Risk and ensure that senior leadership is well informed of Millennium’s position relative to emerging and evolving risk scenarios through both qualitative and quantitative measurement and report...
Lead Engineer, Information Security, India
The security resource will be aligned to an MI Tech business segment to collaborate in-depth with developers, SREs, DBAs, and other personnel to both instill a security mindset and support security improvement efforts. We engage closely with product teams to deliver security practices, capabilities,...
Data at Rest Encryption Infrastructure Engineering and Delivery Lead Information Security Engineer
Wells Fargo is seeking a Lead Information Security Engineer in Technology as a part of Chief Technology Office. This role will provide technical leadership, and be an individual contributor, to teams that design, deploy, and operationally maintain cryptographic products and services including Hardwa...
Lead Engineer, Information Security, US
The security resource will be aligned to an MI Tech business segment to collaborate in-depth with developers, SREs, DBAs, and other personnel to both instill a security mindset and support security improvement efforts. We engage closely with product teams to deliver security practices, capabilities,...
Lead Information Security Engineer
In conjunction with Information Technology Operations personnel, leads the design, implementation and support of security measures including but not limited to: Cloud Security, Vulnerability Management, Email Security, Endpoint Security, Document Management Systems, Privileged Account Management, Ad...
Ping Directory Lead Information Security Engineer
Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management,...
Engagement Manager - SAP GRC and Security Lead
Ensuring project success criteria are met •Building strong relationships with IT/business peers and management to best meet company goals and objectives Required Experience & Skills •Proven track record of designing, configuring and implementing GRC 12 for Access governance and Process controls, des...
Engagement Manager - SAP GRC and Security Lead
Ensuring project success criteria are met •Building strong relationships with IT/business peers and management to best meet company goals and objectives Required Experience & Skills •Proven track record of designing, configuring and implementing GRC 12 for Access governance and Process controls, des...