Software Guidance & Assistance, Inc., (SGA), is searching for an
Information and Security Control Risk Manager for a
contract assignment with one of our premier financial services clients in
New York City, NY.
The US cybersecurity and IT risk team oversees and advise on cybersecurity and IT risk matter in the firm. The team primary focuses is to ensure the bank's security controls are in line with industry standards and compliant with the regulator requirement.
The primary function of an Information and Security Control Risk Manager is to monitor, analyze, and report on cybersecurity requirements against relevant regulations and standards, such as NYDFS, FFIEC, and NIST CSF, while taking a risk-based approach. The IS&C manager will be able to understand complex security challenges, identify vulnerabilities, and propose effective solutions.
Responsibilities :
- Dedicated and detail-oriented cybersecurity professional with a strong background in regulatory compliance.
- Continuously monitor and assess the effectiveness of security controls and processes.
- Technical skills such as network security, application security, encryption, vulnerability assessment, and incident response.
- Solid understanding of information security principles and practices, including threat and vulnerability management, incident response, and security operations.
- Knowledge of information security principles and practices, network protocols, and operating systems.
- Knowledge of information security risk management frameworks, compliance practices, key risk indicators and metrics.
- Strong analytical and problem-solving skills, with the ability to work well under pressure and manage multiple priorities.
- Excellent communication, presentation, written, and collaboration skills, with the ability to work effectively in a team environment.
- Perform the information security compliance tasks such as ensuring IT activities, processes, and procedures meet defined requirements, policies and regulations.
- Perform control assessments against enterprise cybersecurity frameworks and the firm's standards.
- Track, manage, and report on any internal or external cybersecurity-related issues.
Required Skills:
- Bachelor's degree in a technical field such as computer science, computer engineering and related field required 3-5 years' experience required.
- 3 years of Regulatory compliance/examination and Audit Experience.
- 5-7 years of experience in related cybersecurity technical background and exposure to cloud technologies.
- Experience on security governance, policies, cybersecurity frameworks, security standards– 1 recent project.
- An understanding and experience with security controls/mechanisms and risk assessment techniques pertaining to complex data, application, and networking environments (asset), proven through recent experience in last 2+ project.
- Information security related certification (such as Security+, CISA, CISM, CISSP).
- Recent relevant Financial Industry Experience.
- Excellent communications and written skills.
- Comfortable putting together and presenting risk reporting to a US IS&C management.
- Candidate must be a team player and may be required to assist other team members in other security and IT risk tasks, as needed.
- Ability to manage assigned tasks and expectations without direct instruction or oversight.
- Fast, adaptable learner who can hit the ground running.
- Ability to work well under pressure while demonstrating strong professionalism.
- Willingness to learn new technologies and security-related information.
Preferred Skills:
- Knowledge with NYDFS Cybersecurity regulations, experience with regulatory examinations, or strong understanding of NIST CSF.
- Proficiency in MS Office (extended knowledge of MS Excel and PowerPoint are preferred).
SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at https://sgainc.com/ .
SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company EEO page to request an accommodation or assistance regarding our policy.
