Review the impact of new regulation and delivering assessments including evidence gathering and compliance assessments. Work with Legal, Compliance, Control Assurance, and other stakeholder teams to coordinate control requirements, reporting and mapping to policy, regulation, and best practice. Work with stakeholders to build plans of actions and milestones, track progress against gaps, and communicate changes or risks to plans in a timely manner. Identify, document, and report control deficienc... more details
Job Description
Review the impact of new regulation and delivering assessments including evidence gathering and compliance assessments.
Work with Legal, Compliance, Control Assurance, and other stakeholder teams to coordinate control requirements, reporting and mapping to policy, regulation, and best practice.
Work with stakeholders to build plans of actions and milestones, track progress against gaps, and communicate changes or risks to plans in a timely manner.
Identify, document, and report control deficiencies and associated recommendations for improvement.
Develop and communicate reports to describe regulatory risk and associated remediation action.
Understand current information security regulatory applicability and monitor for upcoming regulatory changes and revisions.
Support the alignment of the policies and standards to both regulations and best practice.
Review and challenge first line business units’ programs to support compliance with policies, standards, and regulations.
Evaluate, operate, and maintain tools or artifacts to capture and publish regulatory assessment results.
Participate in key and strategic initiatives representing the Information Security Governance team and providing subject matter expertise in the regulatory space.
Qualifications
At least 8-12 years of experience in one or more of the following areas: Information Security, Technology Governance, Technology Audit, Information Technology Compliance.
8+ years of experience of information security regulations with a focus in financial services preferred, such as NYDFS, CFPB and GLBA.
Detailed knowledge of respective industry best practices (e.g., NIST, ISO, CMMI) and broad knowledge of cybersecurity technologies
Knowledge of risk management policies, methods, standards, processes, governance models, and industry standard risk analysis approaches.
Knowledge of current industry trends in information security regulatory.
Excellent written and verbal communication skills with the confidence to effectively tailor communication of technically complex issues for both technical and non-technical audiences and stakeholders at every level of the organization.
Process driven with an eye for detail.
Able to be a subject matter expert on information risk management, regulation, policies, and standards.
Hands-on experience with GRC tools such as ServiceNow and RSA Archer is preferred.
Candidates with professional information security certifications such as CISSP, CISM, CISA would be a good fit for this role.
Additional Information
Our benefits include: Medical, life and dental insurance, Asociacion Solidarista, International Share Save Plan, Flex Work/Work from home, Paid time off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.
Job Abstracts is an independent Job Search Engine. Job Abstracts is not an agent or representative and is not endorsed, sponsored or affiliated with any employer. Job Abstracts uses proprietary technology to keep the availability and accuracy of its job listings and their details. All trademarks, service marks, logos, domain names, and job descriptions are the property of their respective holder. Job Abstracts does not have its members apply for a job on the jobabstracts.com website. Additionally, Job Abstracts may provide a list of third-party job listings that may not be affiliated with any employer. Please make sure you understand and agree to the website's Terms & Conditions and Privacy Policies you are applying on as they may differ from ours and are not in our control.
Welcome to Job Abstracts
We would like to take a second to Welcome You to Job Abstracts, the nation’s largest Pure Job Board. With over 3.1 million job listings from 15,000+ Companies & Organizations, we help job searchers find careers that match their interests. As an anonymous user, you have probably discovered how easy our system is to use. However, you have just scratched the surface of what we can offer.
We encourage you to Register so you can use our most powerful features: searching with multiple terms, setting up multiple locations, establishing favorite companies, and accessing your search history. If you find a job you like, you can apply directly for it, and then, keep notes on it. We will also keep a lookout for jobs that match your search terms and email you when we find something you may like.
You can register for free and the system is free to use. If you like our system so far, click on Register and unlock the power required by serious job searchers.
Any time you conduct a search, the system shows you job matches, ranked by their Relevance Score (RS).
The score is calculated by a proprietary algorithm that uses Intelligent Machine Learning.
The Relevance Score tells you how well the job opportunity matches your search term or terms.
When not logged in, the system is limited to one search term. Scores for single term matches are usually lower.
When you register, log in, and set up multiple terms prioritized by importance, the jobs found for you will receive a much higher Relevance Score.