Manager of Cybersecurity Governance - NJ
Requirements: cobit, cybersecurity, governance, ISO, NIST
Job Type: Full Time
Salary: $120k - $140k
Description of Responsibilities
New Jersey has long joined NYC in housing well-established financial institutions. As the technology and security sectors continue to grow and firms look to shape their business around technology, our client has been a long-standing member of the fintech world in the suburbs of New Jersey.
With technology rapidly changing, cybersecurity needs are constantly being added! Our client is looking for a Manager of Cybersecurity Governance to define, communicate, and oversee an information security program. In this role you will be responsible for establishing and implementing frameworks to adhere to both internal and external requirements (regulations such as NIST, ISO, TOGAF, COBIT, etc.). This is a highly visible role within a growing and developing information and cyber security team.
Salary: up to $120K Base + bonus + benefits
· Proactively develop, maintain, evaluate and implement policies and procedures to ensure all pertinent organizational, client and regulatory requirements are satisfied.
· Manage and ensure all information security related awareness training has been developed and delivered to diverse constituents. Initiate and conduct security awareness trainings and seminars.
· Effectively track and close all information security open items and maintain control of the technology control environment.
· Effectively track, remediate and close audit findings relating to cybersecurity.
· Conduct organization-wide data classification assessments and security audits and manage remediation plans.
· Conduct vendor information security due diligence including implementation of assessment and authorization, continuous monitoring and security operations management activities.
· Establish information security baselines, procedures, and guidelines to ensure business processes address information security risk.
· Enhance and manage Incident Response Plans, annual IT Risk Assessments and associated risk mitigation and avoidance functions.
· Develop metrics to measure, monitor, and report on effectiveness of information security controls and compliance with information security policies.
· Perform vulnerability assessments to evaluate effectiveness of existing controls.
· Bachelor’s degree in Computer Science, Business Administration, Engineering, or related discipline.
· Thorough experience with security policy development, metrics capture, KRI, compliance testing and project management.
· Thorough hands-on experience with development of system security plans, contingency plans, incident response plans, configuration management, security control requirements and assessments.
· Expert-level understanding of underlying governance and controls development frameworks: NIST, ISO, TOGAF, COBIT, FFIEC, etc.
· Influencing skills and proven ability to work in a matrix organizational structure.
· Familiarity with Network Design, Firewalls, Routers and general network design and security issues.
· Ability to perform Risk Assessments.
· Hands-on experience in the use of an eGRC platform (RSA Archer).
· The successful candidate will have a minimum of 7 years related experience.
· Relevant certifications – CISSP, CISA or equivalent.
For more information, please send resume to firstname.lastname@example.org