Information Security Risk Officer - CISSP
New York, NY 10017
Mid-sized Asset Management Firm seeks Information Security Risk Officer to reduce information security risk within the organization and facilitate the alignment of the business areas with regulatory expectations and best practices.
This is a full-time, direct-hire role with an expanding financial services company that offers interesting work, opportunity for promotion, competitive compensation (150-175K + bonus), and a great benefits package.
You will provide oversight of the Information Security and Cybersecurity programs, maintaining the enterprise program from a governance perspective to ensure information assets and technologies are protected.
In summary you will:
- Facilitate the continued improvement in information security risk management and culture across the firm, through continual refinement and implementation of the Information Security Framework.
- Build and maintain relationships with the organization's business areas.
- Provide training and guidance to business areas on Information Security and ensure risk events are identified, reported, and managed.
- Strengthen internal controls and prevent unauthorized and improper access to data, thereby ensuring the appropriate protection of information assets.
- Implement security controls that support the information security policy/procedure and manage risks associated with access to services, information, and systems.
- Ensure that all information security incidents or suspected security flaws are remediated and have appropriate reporting mechanisms so that management is notified and these incidents are appropriately investigated and handled.
- Manage enterprise-wide policies, standards, procedures and guidelines to prevent the unauthorized use, release, modification or destruction of data.
- Lead the organization’s Business Continuity program by coordinating testing activities, conducting business impact analysis, and ensuring critical operations can continue in the event of an emergency.
- 8+ years in an information security/cybersecurity risk management role within financial services.
- Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) certification required.
- Completed Bachelor’s Degree in Computer Science or related course of study.
- MBA or Master's degree in Information Systems or Information Security preferred.
Great benefits package!