Chief Information Security Officer - CISO

  • location: New York, NY
  • type: Permanent
  • salary: $200,000 - $250,000 per year

job description


job summary:
  • The CISO position reports directly to the Chief Risk Officer (CRO) and has a dotted line to the Chief Technology Officer (CTO)
  • The position oversees Information/Cyber Security at the Firm's Group level (e.g. all the business units within the company)
  • Direct Reports: existing Cyber team including IAM team
  • Position will be NY based. Limited travel required
  • As required, the CISO will meet with regulators, the Board, insurance providers and other parties interested in the firm's information/cyber security posture
location: New York, New York
job type: Permanent
salary: $200,000 - 250,000 per year
work hours: 9 to 5
education: Bachelors

  • Maintains awareness of industry trends, new products, etc.
  • Creates and manages policies and procedures
  • Educates the IT organization and company about threats and prevention
  • Develops security strategy and supporting implementation plans (in partnership with Infrastructure Team)
  • Provides thought leadership across the firm on everything related to Information Security

  • Manages 3rd party consultants to coordinate testing and security assessments
  • Maintains CSC6 Reporting
  • Runs vulnerability scanning program - internal and external scans
  • Tracks status of open vulnerabilities. Provides assessment on priorities and risks associated with open vulnerabilities
  • Watches the daily alerts and incidents. Communicates with stakeholders on status and threats
  • Notifies organization on new/emerging threats, critical vulnerabilities and patches
  • Subscribes and monitors the critical cyber bulletins, FBI reports, etc.
  • Prepares status reports on security for all stakeholders, including:
      • Regulatory reports, surveys and questionnaires
      • Op Risk reports
      • Board/Independent Director reports
      • Insurance reports
      • Responses to RFPs from issuers to support the Ratings business (Solutions and Learning manage this process separately)
      • Corporate Cyber reports (usually ad hoc reports when new threats emerge)

  • Manages the Identity and Access Management (IAM) process
  • Runs IT Vendor Risk Management program
  • Coordinates patching and vulnerability management with Infrastructure team
  • In the event of a major security incident, leads the Cyber Incident Response Team (CIRT)
  • Manages the Identity and Access Management (IAM) team
  • Helps guide the implementation of cyber projects with Infrastructure
  • Budgeting and planning
  • Vendor evaluation and selection
  • Guiding implementation

  • Hands-on experience and expertise in all facets of cyber security
  • Strong communications and presentation/writing skills
  • Ability to provide thought leadership around information/cyber security
  • Strong understanding of industry best practices and tools
  • Proven ability to handle cyber incidents
  • History of managing cyber programs
skills: Hands-on leader that is looking for that new challenge. Certifications are great to have!!!

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
