Lead Information Security Governance

Recruit Professional Services, Hoboken New Jersey

The Information Security Governance Lead will be responsible for developing and implementing the Information Security program, policy and relevant security standards. The Governance Lead will design proper security controls to protect the bank’s informational assets against loss of confidentiality, integrity and availability, and will monitor, track and report all control weaknesses and violations of security policy and standards.

The Information Security Governance Lead is also responsible for designing and implementing a security assessment framework for infrastructure, databases, internal applications, vendor and third-party applications and cloud solutions.


  1. Coordinate the execution of security governance and assessment control initiatives.
  2. Assist in defining, creating and implementing the bank’s information security policy/standards and guidelines.
  3. Work under the ISO’s supervision to define and implement the information security program and security control assessment strategy.
  4. Organize and prepare for monthly and quarterly security governance meetings.
  5. Define the security assessment checklists for various internal and external systems.
  6. Perform security assessments, access reviews and gap analysis as defined in the program.
  7. Review and approve system/network configuration changes, system patches and updates according to the bank’s procedures.
  8. Review compliance with the information security policy and standards.
  9. Provide periodic reporting on information security issues and gaps.
  10. Interface with external contacts and third parties.
  11. Perform all functions as assigned by the ISO.
  12. Provide high quality work by ensuring accuracy and seeking to continuously improve information security processes by embracing new and better ways of doing things.


  1. Bachelor’s degree or equivalent.
  2. Strong IP, Network, Microsoft Windows, Linux, UNIX, Database, middleware experience and knowledge.
  3. Strong understanding of the NIST 800-53, COBIT, FFIEC and ISO control frameworks.
  4. Three to seven years’ experience in information security and risk management
  5. Strong skills in Vendor/Third-party security controls, security auditing tools
  6. Strong project management skills, technical writing and presentation skills
  7. Understanding of GRC tools such as Archer, RiskVision, etc.
  8. Applications experience in international banking, multi-currency accounting, global securities processing.
  9. CISSP, CISA, CISM, CEH, Security+ or similar certifications are a plus.

