Location: Long Island City,NY, USA
The Technical Program Manager, Security Governance Risk & Compliance will be responsible for developing and maintaining security standards and procedures, identifying cybersecurity risks and ensuring adequate processes and technical controls are in place to mitigate identified risks. This role will participate in cybersecurity audits and assessments follow up with remediation activities based on audit recommendations and assist in maturing various cybersecurity programs including Security awareness, Incident Response, Disaster Recovery etc.Education and Experience:•Bachelor's degree in Computer Science, Information Systems, Information Security/Assurance or related field required or eight years of directly related experience•Minimum five years of experience in an Information Security role, with strong experience in Security Governance, Risk & Compliance or in a regulated industry required, preferably at a Bank or Financial Services institution•Strong understanding of key information security concepts and fundamentals•Experience with GRC and Information security tools/technologies to collect and main security and risk information•General understanding of security risks and trends, security compliance assessments and audits•Professional certifications in Information Security (such as CISA, CISM, CRISC, CISSP, CRISC etc.) preferredEssential Skills:Excellent presentation, facilitation and communication skillsExperience in creating awareness of security practices across multiple technical teamsAbility to lead cross-functional efforts in making sound risk-based decisions.Working knowledge of security frameworks and standards including NIST, PCI, ISO 27001, etc.Job Responsibilities:•Assist with the development and on-going management of the Cybersecurity Governance Risk and Compliance program•Develop and maintain information security policies, standards, process documentations and control objectives•Mature and enhance the information security awareness and training program•Monitor and escalate unresolved security exposures, misuse, policy violations and other non-compliance situations to Security Leadership•Monitor industry regulatory environment for impact on security programs and changes to security compliance standards•Work closely with Technology-focused teams and other business stakeholders to identify potential security weaknesses, define potential impact and develop effective mitigation strategies•Perform other duties upon request by immediate supervisorBenefits We provide a competitive compensation and benefits package that includes, but is not limited to:Paid time off for vacation, personal days, and holidaysFully-funded pension plan401k company contribution 100% of Vision & Dental CareTuition reimbursement is offered to full-time employees