Vacancy expired!
- Serves as the lead security liaison and technical advisor to Business Units.
- Performs periodic reviews and assessments of the Business systems and respective processes to identify security or compliance gaps, and ensure alignment with Corporate Security and industry best practices.
- Identifies, tracks and reports on security recommendations, gaps and improvements to business systems and processes.
- Cooperates with IT Support, Compliance, and Security teams to align controls, processes, and technologies with critical business functions to ensure security and compliance objectives.
- Work with Compliance Team and Information Security Team to drive risk-averse behavior and adoption of controls to mitigate risks.
- The adoption of core security services (PKI, Identity, Key Management, Detection and Response, and Vulnerability Management)
- Interpret and implement information security policies and standards specific to the Business Teams.
- You’ll develop and communicate security and compliance requirements to internal stakeholders and key business partners.
- Provide information security direction and advisement for initiatives for Business Teams.
- Provide business and technical advice on a wide variety of IT risk issues, concerns, and problems, making sure all business processes incorporate adequate information security.
- Be a technical leader in periodic information systems and applications risk assessments, including those associated with the development of new or significantly improved business applications
- Monitor current and proposed laws, regulations, industry standards and ethical requirements related to IT risk, privacy, and information security and liaise with the Compliance Director as appropriate.
- 5+ years in a senior security leadership role
- Minimum 3-5 years of hands-on experience with managing Regulatory and Privacy issues including tracking of new regulations affecting employee data
- 5+ years experience working in a security-focused role in the technology or other technology-heavy industry (e.g. Financial Services)
- Bachelor's degree in Computer Science, Information Systems, Engineering or a related discipline
- Strong understanding of Operational Risks including identifying risks, prioritizing and implementing remediation activities
- In-depth understanding of IT risk, information security fundamentals, defense-in-depth practices, IT risk assessment fundamentals and risk management practices.
- Hands-on experience in managing large programs of work across many business units and functional areas
- Superb communication and interpersonal skills.
- Certified Information System Security Professional (CISSP) or Certified in Risk and Information Systems Control (CRISC) certifications preferred
- Cloud computing architectures and the associated security designs and challenges
- Common open-source libraries and technologies (e.g. Kafka, Spark, Hadoop) and how to effectively harden them
- Common web application development technologies (e.g. Java, PHP, Python, AJAX) along with tools and processes to enable teams to develop safely
- Strong executive presence and ability to engage with customers regarding security (e.g. Executive Briefings and incident communications)
- Ability to travel 25%