Title Infosec Manager (GRC)
Job Information

(Respond to: diane.katz@primesoftinc.com)

Infosec Manager (GRC)

FTE - Hybrid working environment: 75% remote, 25% NYC office

Salary plus Bonus

Our client, a financial institution headquartered in NYC, seeks an Information Security Manager (Governance, Risk, Compliance) to plan, design, and implement a holistic information security program with a focus on emerging threats, regulatory requirements, and industry best practices. The manager will be responsible for building the security culture of the bank, will report to the CISO, and will assist in implementing the information security program across all areas of information security, viz. Governance, Risk, and Compliance.

 

Essential Job Functions:

Assist the CISO in designing and managing the information security program.

Define and implement clear 2LoD roles and functions

Act as liaison between auditors, regulators, Information Security, and management by coordinating requests for information and responses to any observations.

Build and design an information security awareness and training program for organization personnel, and mentor information security personnel

Manage information security personnel

Plan and draft department budget and track costs associated with the program

Track bank-defined KPIs and KRIs

Prepare and coordinate regulatory activities including, but not limited to, DFS 500 and SOX

Provide Information Security consultation to relevant departments and communicate information security goals and new programs effectively with other department managers within the organization

Develop, implement and monitor a strategic, comprehensive enterprise information security risk management program

Promote secure design of systems and infrastructure in line with industry standards and best practices, including application of secure coding practices across the engineering organization, conducting security reviews of new features, and leveraging industry tooling to automate and improve the security review

Develop, document, track, and implement information security policies, controls, and procedures

Work with vendors to perform security audits, ensuring they meet industry standards

Knowledge, Skills and Experience Requirements:

  1. Bachelor’s degree or equivalent experience
  2. Minimum seven (7) to ten (10) years in Audit and Compliance Management roles. Knowledge of security frameworks: ISO 27001, NIST, etc.
  3. Knowledge of banking laws and regulations
  4. Experience with policy design, authoring and implementation
  5. Excellent verbal/written communication and interpersonal skills
  6. Strong analytical ability; confident and experienced in working with senior leadership as well as support and engineering management and staff
  7. Certifications such as CISSP, CGEIT, CISA, CRISC, CISM desirable

Phone Number: 561-573-1581

No Third Parties

US Citizens and/or Green Card Holders Only