Chief Information Security Officer - CISO

  • location: New York, NY
  • type: Permanent
  • salary: $200,000 - $250,000 per year

job description

job summary:
  • The CISO position reports directly to the Chief Risk Officer (CRO) and has a dotted line to the Chief Technology Officer (CTO)
  • The position oversees Information/Cyber Security at the Firm's Group level (e.g. all the business units within the company)
  • Direct Reports: existing Cyber team including IAM team
  • Position will be NY based. Limited travel required
  • As required, the CISO will meet with regulators, the Board, insurance providers and other parties interested in the firm's information/cyber security posture
 
location: New York, New York
job type: Permanent
salary: $200,000 - $250,000 per year
work hours: 9 to 5
education: Bachelors
 
responsibilities:
  • Maintains awareness of industry trends, new products, etc.
  • Creates and manages policies and procedures
  • Educates the IT organization and company about threats and prevention
  • Develops security strategy and supporting implementation plans (in partnership with Infrastructure Team)
  • Provides thought leadership across the firm on everything related to Information Security

  • Manages 3rd party consultants to coordinate testing and security assessments
  • Maintains CSC6 Reporting
  • Runs vulnerability scanning program - internal and external scans
  • Tracks status of open vulnerabilities. Provides assessment on priorities and risks associated with open vulnerabilities
  • Watches the daily alerts and incidents. Communicates with stakeholders on status and threats
  • Notifies organization on new/emerging threats, critical vulnerabilities and patches
  • Subscribes and monitors the critical cyber bulletins, FBI reports, etc.
  • Prepares status reports on security for all stakeholders, including:
      • Regulatory reports, surveys and questionnaires
      • Op Risk reports
      • Board/Independent Director reports
      • Insurance reports
      • Responses to RFPs from issuers to support the Ratings business (Solutions and Learning manage this process separately)
      • Corporate Cyber reports (usually ad hoc reports when new threats emerge)

  • Manages the Identity and Access Management (IAM) process
  • Runs IT Vendor Risk Management program
  • Coordinates patching and vulnerability management with Infrastructure team
  • In the event of a major security incident, leads the Cyber Incident Response Team (CIRT)
  • Manages the Identity and Access Management (IAM) team
  • Helps guide the implementation of cyber projects with Infrastructure
  • Budgeting and planning
  • Vendor evaluation and selection
  • Guiding implementation
 
qualifications:
  • Hands on experience and expertise in all facets of Cyber security
  • Strong communications and presentation/writing skills
  • Ability to provide thought leadership around information/cyber security
  • Strong understanding of industry best practices and tools
  • Proven ability to handle cyber incidents
  • History of managing cyber programs
 
skills: Hands-on leader that is looking for that new challenge. Certifications are great to have!!!


Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.