Manager, Information Security Governance Risk and Compliance | BomaLink

Manager, Information Security Governance Risk and Compliance

Information Technology

Posted 1 year ago

Details

Job Description

The Manager, Information Security Governance Risk and Compliance will report to the VP of Information Security and will be responsible for establishing, leading and managing initiatives related to Information Security, while focusing on integrating Policy Management, Cyber-Risk Management and Compliance. This role will be responsible for leading the coordination of security compliance efforts and audit response, policy and security exception oversight, development and implementation of information security policies, standards and procedures, and enterprise-wide security awareness initiatives.

The position will be a hybrid position, 1 to 2 days at home. The position is located in Hauppauge, NY. Must be able to commute. At this time only New York residents will be considered.

Education & Experience:

Minimum of 8 years functional experience in Information Security Compliance, Technology Risk Management and/or Auditing required, with at least 4 years of experience leading security compliance teams in a regulated industry, preferably at a bank or Financial Services institution.

Bachelor's degree in Computer Science, Information Systems, Information Security/Assurance, Engineering, or related field required.

Professional certifications in Information Security (such as CISA, CISM, CRISC, CISSP, etc.) preferred.

Job Responsibilities:

Lead the development and implementation of effective information security policies and practices to secure protected and sensitive data and ensure compliance with regulations and best practices.

Implement a common controls framework and lead information security compliance efforts to ensure ongoing compliance with changing laws and applicable regulations in Banking & Financial Services.

Develop and continually improve the cybersecurity risk management program, in alignment with Enterprise Risk Management, conduct periodic information security risk assessments and facilitate mitigation practices.

Coordinate and track remediation efforts in mitigating internal/external information technology and security related audit findings.

Partner cross-functionally with internal business stakeholders and partners to influence and ensure alignment of business operations with the Security mandate.

Maintain up-to-date knowledge of industry standards and best practices and the evolving security threat landscape while implementing technical and process improvements and mitigating identified risks, as part of the risk management program.

Perform periodic technology security assessments of Teachers' network infrastructure.

Oversee the development and delivery of enterprise-wide security awareness initiatives.

Build metrics within the security teams to measure and manage the maturity of the Security program.

by Jobble

