Vacancy expired!
Direct client is looking for the
Information Security Office ConsultantHybrid position - 2/3 days Onsite midtown NYCThis position reports directly to the Head of the Information Security Office, contributes to, and supports the firm's overall Information Security.The position interfaces with various levels of IT and business personnel, monitoring critical security functions, evaluating key IT processes from a perspective of information security, and advises on best practices and approaches.The ISO is an advanced role supporting the entire cybersecurity program.This individual provides executive support, strategic and tactical guidance, and complete execution for a world-class cybersecurity program, primarily supporting regional enterprise security initiatives.As directed by the CISO, the ISO helps drive strategy while providing oversight and reporting on the execution of enterprise security systems, applications and operations.As a business enabler, the ISO ensures business decisions are not obstructed by cybersecurity but instead are made using sound security principles and supporting corporate security policies and plans. The ISO will work with an adaptable and secure business-supporting cybersecurity team, in addition to influencing and executing with technical teams, which includes but is not limited to patch management, security operations, security engineering and software development.Duties:Stay abreast of information security and information technology issues, threats, vulnerabilities and regulatory changes affecting the organization, and perform independent research as needed.Provide consultation and guidance to IT teams as and when needed to address issuesPrepare and provide status reports and dashboards on various matters (BAU activity, projects, KRIs, strategy, etc.) to senior executivesEnsure security governance is uniformly applied and remain informed on projects progress; create quality reports illustrating program status, areas for improvement and successWork with, monitor and provide guidance, evaluation and advocacy on information security related audits including scope of audits, issue finding, and disposition of issues to put the institution in its best light.Work closely with various business functions (e.g., banking, equities, operational risk, compliance, legal, HR and audit teams) to provide security best practice expertise.Stay abreast of new laws, regulations and standards, and assess their impacts to the businessDrive efforts to internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls, security programs across the enterpriseConduct independent verification of the company networks and sensitive programs through internal team resources and independent consultant engagements Skills and ExperienceDemonstrates highly effective communications skills with the ability to influence business unitsSolid knowledge of information security tools and techniques, including:data leakage prevention, incident response, vulnerability scanning and reporting, security operations, identity management and Cloud securityAbility to independently work, be counted upon, manage priorities, and remain flexible in a changing environment while meeting project timelinesProven high level of integrity, trustworthiness and confidence, as well as ability to represent the company and security leadership with the highest level of professionalism Strong Microsoft Office, project management and organizational skillsApplicable knowledgeable with the cybersecurity requirements and best practices recommended by various regulators such as the Federal Reserve Bank (FRB), New York Department of Financial Services (NYDFS) regulations and frameworks, and others;Familiarity with National Institute of Technology (NIST) standards, International Standards Organization (ISO) standards, etc. and aligning those with enterprise solutions & processes7+ years' cybersecurity experience 7+ operationally focused security practitioner roleSolid knowledge of several information security and technology frameworks including: FFIEC, ISO, NIST Financial Services/Banking experience is preferredISOCISSP, CRISC, CISA, CISM, CEH or CCSP certifications a plus- ID: #49540950
- State: New York New york city 10001 New york city USA
- City: New york city
- Salary: Depends on Experience
- Job type: Contract
- Showed: 2023-03-25
- Deadline: 2023-05-22
- Category: Et cetera