Vacancy expired!
- Develop and maintain security policies, standards and procedures, and track compliance with them
- Formulate security requirements for projects and systems, in line with the firm’s risk appetite
- Identify security gaps, vulnerabilities and weaknesses in systems, networks and applications
- Conduct security risk assessments both at the enterprise and system levels
- Develop and maintain a security risk register, and track remediation activities
- Conduct third-party/vendor security risk assessments
- Evaluate existing security controls and recommend enhancements
- Lead the security awareness and training program for the firm
- Minimum of 5 years of Information Security and/or Technology Risk Management experience
- Solid understanding of security concepts and technologies
- Working knowledge of risk management methodologies
- Familiarity with common security frameworks and standards, including NIST Cybersecurity Frameworks; ISO/IEC 27001:27013, CIS CSC, PCI DSS
- High degree of self-motivation and initiative
- Bachelor’s degree in Computer Science, Information Technology or a related field
- Performance-based bonus + annual stock grants
- Daily company-paid lunch
- 401K with company match
- Excellent medical, dental, and vision benefits
- Education reimbursement and learning opportunities
Vacancy expired!