Job Description
About the position Responsibilities β’ Oversee and manage audits, compliance, and regulatory activities related to Cybersecurity, including FBA/FFIEC, Bank of England, other regulators, GLBA, SSAE16/ISAE3402, SOC 2, PCI-DSS, Sarbanes-Oxley (SOX), internal audits, ISO, NIST, COSO, COBIT, and customer/client inquiries. β’ Collaborate with various functions such as corporate compliance, internal audit, enterprise risk management, regulatory risk, and technical teams to facilitate audit, regulatory, and compliance practices for information security. β’ Promote proactive readiness activities and enhance information security based internal controls to support future reviews. β’ Leverage Artificial Intelligence tools or other automation tools to improve efficiency and productivity in audit and compliance processes. β’ Develop comprehensive risk management reports, including dashboards, metrics, and executive summaries. β’ Advise Cybersecurity leadership on the status of technology risk and compliance issues, based on assessment results and information from various monitoring and control systems. Requirements β’ 8+ years of relevant work experience with a Bachelor's Degree or at least 5 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 2 years of work experience with a PhD, OR 11+ years of relevant work experience. β’ 9 or more years of relevant work experience with a Bachelor Degree or 7 or more relevant years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 3 or more years of experience with a PhD. β’ Bachelor's degree in Computer Science, Information Systems, Management Information Systems, or Business Administration or another related field. β’ 8-10 years of leadership experience in Information Security, Audit, Risk, and/or Compliance. β’ 6+ years direct participation and experience across common industry security policy areas, including PCI-DSS, ISO, NIST, COSO, COBIT, FFIEC, SOX, SSAE16/ISAE3402, SOC 2 and others. β’ Proven experience collaborating with multiple stakeholders on both internal and external delivery and communication initiatives. β’ Ability to synthesize diverse data points, solve problems, and develop comprehensive and effective execution and risk mitigation plans. β’ Strong executive presence and exceptional communication skills, with experience in audit, compliance, regulatory discussions, and proactive readiness activities with internal partners and external clients. β’ Capability to influence beyond the immediate team and engage with more experienced or senior individuals. β’ Must be highly flexible and able to manage multiple tasks and priorities under tight deadlines. β’ Data Analysis skills using Microsoft Excel, SQL, or other scripting languages. β’ Broad and deep experience across PCI standards (DSS, PIN, P2PE, Token etc.) with the ability to apply the standards with confidence across different organizational contexts. β’ Previous experience in implementing or managing Governance, Risk, and Compliance (GRC) tools, as well as developing dashboards and creating tools to automate tasks in order to enhance efficiency. β’ CISSP, CISA, CISM, CEH, PCI QSA/ISA Certifications preferred. Nice-to-haves β’ Advanced Degree (e.g., Masters, MBA) in related field. Benefits β’ Medical β’ Dental β’ Vision β’ 401 (k) β’ FSA/HSA β’ Life Insurance β’ Paid Time Off β’ Wellness Program Apply tot his job Apply tot his job