Director Regulatory Compliance

Director, Regulatory ComplianceLooking for a director over regulatory compliance, monitoring rule regulations, SEC CFTC Frameworks, COBIT COSO ITIL NIST ISO 27001 ISO 9001 CMMI Prefer GRC tools RSA Archer preferred NAVEX Global preferred IT Governance working knowledge must have financial experience. 3-5 direct reportsThe Director of Regulatory Compliance (IT and Security Services) reports directly to the Executive Director, Regulatory Compliance and works in conjunction with that person to oversee the regulatory compliance advisory program covering the following areas: Information Technology and Security Services.In conjunction with the Executive Director, Regulatory Compliance, identify and establish processes (including policies and procedures), controls and tools required to provide regulatory advisory services for the IT and Security Services departments.

• Provide regulatory advisory services spanning highly technical subject matter areas concerning information technology (including governance, networking, cloud architecture, containerization and agile delivery etc.), security services (including threat & vulnerability management, data & information management, data loss & privacy, security operations etc.) and other related areas.
• Provide guidance to first line of defense (business units) related to effective demonstration of compliance with regulatory obligations covering their areas.
• Provide guidance to the business on the development and implementation of effective remediation plans to address internal or external findings.
• Assist business units with the identification, understanding, and development of processes, policies, procedures, and controls that effectively demonstrate compliance with regulatory obligations.
• Assist the compliance monitoring program in support of providing frequent and highly professional reports to the CCO, executive management, and the Board of Directors.
• Interact and communicate in a highly effective, professional, and insightful manner with business colleagues within the company, as well as regulators, clearing members and other third parties.
• Exhibit and foster a strong compliance culture across all staff members.
• Qualifications:

• The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.
• 8+ years of compliance and/or technology and security experience.
• Strong working knowledge of securities and commodities rules and regulations. (i.e., SEC, CFTC, etc.).
• Strong working knowledge of compliance related best practices.
• Experienced in risk and control frameworks, and process improvement frameworks (e.g. COBIT, COSO, ITIL, NIST, ISO 27001, ISO 9001, CMMI).

• Experienced with Systems Development Life Cycle (SDLC) process (Waterfall & Agile).
• Strong working knowledge of the financial industry.
• Strong working knowledge of IT and Information Security practices including IT Governance, architecture, cloud computing, networking, data & information management, security operations, Agile delivery etc.
• Excellent organizational and communication skills.
• Comprehensive analytical, conceptual and problem-solving skills .
• Ability to support the entire Compliance Program, including policy and procedure management, process and control management, testing, monitoring, risk assessment, and findings management.
• Ability to manage and prioritize assignments and respond to rapidly shifting priorities.
• Ability to work independently and as a member of a team, collaborating with internal business clients at various levels of seniority.
• Must be able to work under deadlines and manage multiple tasks.

• Proficiency with MS Office software, GRC tools, Document Management tools and reporting tools.
• Experience using an integrated risk management system (such as RSA Archer) preferred.
• Experience using NAVEX Global and PolicyTech preferred.

• 8+ years of experience in IT Compliance, IT, Information Security and/or any combinations of these.
• Direct supervisory and managerial experience preferred.
• Bachelor’s degree or equivalent degree required in a related discipline (Computer Science, Business Administration, etc.).