Information Security - Governance

Requirements: GRC, identity and access management, ISO, NIST, sox, third party risk


Location:Philadelphia, PA

Job Type:Full Time

Salary: $130k - $170k


Description of Responsibilities

We are a global financial services firm with offices located in Philadelphia looking to expand our regional information security engineering team.  The Security Engineer is responsible for ensuring the overall security, integrity and availability of the information systems and data.  In this role, you will partner with the CISO and become a strategic resource in building efficient security solutions towards risk mitigation.  This is a hands-on role with an opportunity to build multiple security programs.

Role Responsibilities:

  • Evaluate security policies and standards, recommending changes to meet the firm’s risk tolerance and regulatory requirements
  • Promote security awareness and training across the firm
  • Perform security reviews of all new and existing third-parties as part of the firm’s existing third party risk management program.
  • Assists with ongoing improvement to the third-party risk management program (process, framework, artifact collection)
  • Develops and maintains the information security risk exception and approval process
  • Assists with establishment and maintenance of security reports and dashboards 

Requirements:

  • 7 or more years’ experience in the field of Information Security
  • Certificates and degrees associated with InfoSec preferred
  • Experience in a highly regulated and secure industry
  • Experience with technology financial regulations and industry best practices (NIST, ISO, FFIEC, SOX section 404)
  • Experience with information security risk management and process improvement
  • Experience with Identity and Access management, Data Classification / Protection Initiatives


Apply for this job