Key skills
Cyber SecurityFirewallsIdentity ManagementProject ManagementRisk ManagementChange Management
About this role
Role Overview
- Leads and develops strategies for closing cybersecurity management compliance gaps
- Partners in the analysis of legal, regulatory and compliance initiatives
- Manages cybersecurity risk and compliance functions
- Performs assessments to identify, manage and mitigate cyber risks
- Assess and guide remediation of compliance gaps
- Evaluate and track the cyber program maturity
- Acts as security advisor to business segments and functions
- Develops solutions for potential regulatory risks
- Maintains an internal inventory of applicable U.S. laws and regulations, pertaining to Information and Cyber Security
- Ensures regulatory rules are incorporated into appropriate compliance policies, standards, processes, training, and monitoring/testing activities at an enterprise level
- Contributes to the development of cyber governance strategies
- Manages all aspects of internal and external audits
Requirements
- Bachelor’s degree and six to eight years of experience in systems engineering or administration
- Deep specialized and/or broad functional knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security
- Previous experience in leading complex IT projects
- Bachelor’s degree preferably in regulatory affairs, business, organizational or compliance law, or financial services
- Master’s degree or MBA and 8 years of experience or an equivalent combination of education and work experience
- Ten years related experience at a large financial institution performing legal, compliance, or other duties such as risk management and/or project management
- Ability to lead projects of moderate complexity and notable risk exposure
- Strong knowledge on cybersecurity risks, frameworks, best practices and industry/regulatory requirements
- Knowledge and experience in use of cyber security governance programs
- Experience interacting with financial services regulatory bodies; preferably Office of the Comptroller of the Currency (OCC), Federal Reserve Board (FRB), FDIC, etc. (laws, rules, regulations and guidance)
- Familiarity with The Cyber Risk Institute (CRI), and Cybersecurity regulations such as NYDFS and WIRES
- Cybersecurity certifications such as CISA, CISSP
- Regulatory Change Management experience
Tech Stack
- Cyber Security
- Firewalls
Benefits
- medical
- dental
- vision
- life insurance
- disability
- accidental death and dismemberment
- tax-preferred savings accounts
- 401k plan
- no less than 10 days of vacation
- 10 sick days
- paid holidays
- defined benefit pension plan
- restricted stock units
- deferred compensation plan