Lead Information Security Governance

Recruit Professional Services, Hoboken NJ

SUMMARY
The Information Security governance lead will be responsible for developing and implementing the Information Security program, policy and relevant security standards. The governance lead will design proper security controls to protect the bank’s information assets against loss of confidentiality, integrity and availability, and will monitor, track and report all control weaknesses and violations of security policy and standards.

The Information Security governance lead is also responsible for designing and implementing a security assessment framework for infrastructure, databases, internal applications, vendor and third-party applications, and cloud solutions.

 

JOB FUNCTIONS/DUTIES AND RESPONSIBILITIES
  1. Coordinate the execution of security governance and assessment control initiatives.
  2. Assists in defining, creating and implementing the bank’s information security policy, standards and guidelines
  3. Work under the ISO’s supervision to define and implement the information security program and security control assessment strategy.
  4. Organize and prepare for monthly and quarterly security governance meetings.
  5. Define the security assessment checklists for various internal and external systems.
  6. Perform security assessments, access reviews and gap analysis as defined in the program
  7. Review and approve system/network configuration changes, system patches and updates according to the bank’s procedures.
  8. Review compliance with the information security policy and standards.
  9. Provides periodic reporting on information security issues and gaps
  10. Interfaces with external contacts and third parties
  11. Performs all functions as assigned by ISO
  12. Provide high quality work by ensuring accuracy and seeking to continuously improve information security processes by embracing new and better ways of doing things.

 

REQUIREMENTS
  1. Bachelor’s degree or equivalent.
  2. Strong IP, Network, Microsoft Windows, Linux, UNIX, Database, middleware experience and knowledge.
  3. Strong understanding of the NIST 800-53, COBIT, FFIEC and ISO control frameworks
  4. Three to seven years’ experience in information security and risk management
  5. Strong skills in Vendor/Third-party security controls, security auditing tools
  6. Strong project management skills, technical writing and presentation skills
  7. Understanding of GRC tools like Archer, RiskVision, etc.
  8. Applications experience in international banking, multi-currency accounting, global securities processing.
  9. CISSP, CISA, CISM, CEH, Security+ or similar certifications are a plus