Information Security Manager
Greater NYC Area
2 days ago
Document new and review existing IS policies to ensure alignment with organizational risks and business strategy and to drive continual improvement of the IS program.
Manage projects to deliver new and improved IS solutions; identify and evaluate potential third-party solutions as required.
Coordinate internal and third-party audit programs: monitor compliance with and performance of defined IS controls within the organization and also among service providers.
Provide direct training and day-to-day consultancy to employees and third-parties on IS policies and procedures; initiate, facilitate, and promote activities to improve awareness.
Own the risk register: manage ongoing identification, assessment, and treatment of IS risks.
Work with the Security Engineer and software engineering teams to monitor delivery of project-based IS requirements through the Software Development Life Cycle (SDLC).
Coordinate response to assessments by regulators, auditors, clients, and/or certifying bodies, including NY State Department of Financial Services (NY 23 CRR 500) and SEC (Reg SCI).
Manage Business Continuity/Disaster Recovery plans, including regular testing.
Manage and review cybersecurity incidents.