Information Security Risk Management LeadCLS Group. • Iselin, NJ, United States
Information Security Risk Management Lead
CLS Group. • Iselin, NJ, United States
17 days ago
Job type
- Full-time
Job descriptionFunctional title - Information Security Risk Management Lead Department - Risk Corporate level - Director Report to - Head of Technology & Information Security Risk Management Location - New York / New Jersey Expected full-time salary range between $ 180K - $225K + variable compensation + 401(k) match + benefits. Risk Culture - Assist the CRO and Head of Enterprise Risk and Operational Risk Management in driving the culture of engagement, teamwork and accountability. Risk Assessments - Collaborate with the Information Security teams to guide and challenge risk assessments, and lead in efforts to strengthen the control environment in line with the evolving threat landscape. Process Improvements - Identify opportunities to reduce risk of recurrence of incidents and events through process evaluation and improvements plans. Operational Risk Management Framework - Support the CRO and Head of Enterprise Risk and Operational Risk Management in furthering the use and efficacy of the ORM framework while enhancing its applicability to manage information security risk. Review and Credible Challenge - Provide review and credible challenge of the information security risk profile and all associated framework components, e.g., risk and control self-assessments, control testing, event management, metrics and indicators, risk appetite, finding management, and reporting. Risk Oversight - Lead in executing oversight of information security risks by performing the following : Review and monitor the progress of actions and validate appropriateness of closure evidence. Thematic review of operational risk events and associated proposed actions to reduce risk of recurrence. Document credible challenge of information security risk appetite to support the Enterprise Risk management (ERM) program. Regular review and challenge of key risk indicators including thresholds and applicability to risk appetite. Prepare monthly and quarterly ORM / ERM reports and present to Technology Leadership, Audit, and regulatory bodies as required. Project Oversight - Lead in executing project oversight for information security risks by performing the following : Work with business partners to challenge the quality of the project inherent risk assessments and contribute to the independent risk review for projects. Review project benefits and closure artifacts in preparation for transition to BAU. Governance - Actively present to various committees and forums to keep management educated on changes to CLS risk appetite. Relationship Management - Be a respected point of contact to stakeholders across the business and technology functions in providing operational risk coverage for information security risk. Advisory Services - Be a trusted advisor and provide effective challenge to stakeholders on the evolving cybersecurity and technology risk landscape. Policy & Procedures - Maintain and oversee relevant policies, standards, and procedures related to CLS security processes. Provide guidance and support to junior members of the team. Interact with and present to regulatory bodies in regular continuous monitoring meetings. Ability to partner, influence, and maintain credibility with the business Broad-based technology experience at substantial scale and complexity in a global, highly regulated, high-volume transaction environment. Experience must include time operating within transaction services environments characterized by the need for continuous availability and the highest levels of security. Experience with developing and managing Operational Risk programs, establishing framework and on-going process in accordance with best practices and Basel requirements. Comfortable leading in a complex matrixed organization, ideally in a global firm with a dynamic and rapidly changing environment. Experience leading within a highly regulated environment, with a preference for experience at the international and federal levels. Deep knowledge of policy frameworks and a strong understanding of policies, procedures, guidelines, and structure. Functional expertise, with operational knowledge of and exposure to various current and emerging information security areas such as : B.S. in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent). Relevant certification is desirable, e.g., CISSP, CISM, CISA, CRISC. Working knowledge of Risk Management life cycles based on an established framework : NIST CSF, NIST SP 800-53, ORX, ISO 27001, SANS, CERT, ENISA, CSA, OACA, ISACA. Proficiency in MS PowerPoint and Excel. Experience in broader MS Office suite, including Project and Visio is a plus Experience with enterprise GRC tools, e.g. Archer is a plus Holiday - UK / Asia : 25 holiday days and 3 'life days' (in addition to bank holidays). US : 23 holiday days. 2 paid volunteer days so that you can actively support causes within your community that are important to you. Generous parental leave policies to ensure you can enjoy valuable time with your family. Parental transition coaching programmes and support services. Wellbeing and mental health support resources to ensure you are looking after yourself, and able to support others. Employee Networks (including our Women's Forum, Black Employee Network and Pride Network) in support of our organisational commitment to embrace and always be learning more about inclusivity. Hybrid working to promote a healthy work / life balance, enabling employees to work collaboratively in the office when needed and work from home when they don't. Active support of flexible working for all employees where possible. Monthly 'Heads Down Days' with no meetings across the whole company. Generous non-contributory pension provision for UK / Asia employees, and 401K match from CLS for US employees. Private medical insurance and dental coverage. Social events that give you opportunities to meet new people and broaden your network across the organisation. Annual flu vaccinations. Discounts and savings and cashback across a wide range of categories including health and retail for UK employees. Discounted Gym membership - Complete Body Gym Discount / Sweat equity program for US employees. All employees have access to Discover - our comprehensive learning platform with 1000+ courses from LinkedIn Learning. Access to frequent development sessions on a number of topics to help you be successful and develop your career at CLS.
About CLS :
CLS is the trusted party at the centre of the global FX ecosystem. Utilized by thousands of counterparties, CLS makes FX safer, smoother and more cost effective. Trillions of dollars' worth of currency flows through our systems each day.
Created by the market for the market, our unrivalled global settlement infrastructure reduces systemic risk and provides standardization for participants in many of the world's most actively traded currencies. We deliver huge efficiencies and savings for our clients : in fact, our approach to multilateral netting shrinks funding requirements by over 96% on average, so clients can put their capital and resources to better use.
CLS products are designed to enable clients to manage risk most effectively across the full FX lifecycle - whether through more efficient processing tools or market intelligence derived from the largest single source of FX executed data available to the market.
Our ambition to make a positive difference starts with our people. Our values underpin everything that we do at CLS and define our working environment :
- Pivotal purpose
- Trusted guardian
- Targeted innovation
- Facilitate connections
- Delivering excellence
- Inclusive culture
Job information :
Note : Disclosure as required by NY Pay Transparency Law of the expected salary compensation range for this role.
What you will be doing :
Job purpose
The Information Security Risk Management Lead is a key member of the Risk Management team and is responsible for leading the implementation of the Enterprise and Operational Risk Management frameworks designed by CLS to identify, measure, monitor and mitigate information security risks. The successful candidate serves as a second set of eyes to management to provide review and credible challenge of the effectiveness of information security processes and controls. This position is highly engaged with the firm-wide Information Security teams who provide security solutions as well as all corporate departments that own information security risk.
Essential Function / major duties and responsibilities of the job
Strategic
Operational
Provide subject matter expertise to business units to drive, guide and influence risk ownership, clarity and assessment of risks & controls.
Provide challenge of risk management of material information security projects that may impact the firm's risk profile.
Leadership
Primary lead for the team to role model expected work ethic and quality, meet divisional objectives, and support career development.
What we're looking for :
10+ years of experience specifically related to information security governance, operations, and risk management.
v Cyber resilience
v Identity & privileged access management
v Secure coding practices
v Incident response
v Artificial Intelligence
v Third-party risk management
v Cloud security configuration and control frameworks
v Threat / vulnerability management
v Network security
Professional qualifications / certifications
#LI-DK1
Our commitment to employees :
At CLS, we celebrate inclusion and consider this to be one of our strongest assets. We are committed to fostering an environment in which everyone feels comfortable to be who they are, and inclusion is valued. All employees have access to our inclusive benefits, including :
Create a job alert for this search
Information Security • Iselin, NJ, United States
Related jobs
About the job Risk Management Analyst.Risk Management Analyst needs risk management techniques and practices, including a working knowledge of Risk Control Frameworks.
Risk Management Analyst requir...Show more
Since 1989, SHI International Corp.We've grown every year since, and today we're proud to be a $16 billion global provider of IT solutions and services.
Over 17,000 organizations worldwide rely on S...Show more
Read on to find out what you will need to succeed in this position, including skills, qualifications, and experience.The Director of Cyber Security is a senior leadership role responsible for devel...Show more
Wells Fargo is seeking a Lead Information Security Engineer - Palo Alto Firewalls to join our Chief Technology Office (CTO).
Learn more about the career areas and business divisions at wellsfargojob...Show more
A healthcare organization in New Jersey is seeking a Chief Information Security Officer to lead their information security strategy.
This role requires extensive experience in risk management and IT...Show more
ADP is Hiring a Senior Manager - Insider Risk & Analysis.We are seeking an aggressive, proactive, and visionary leader to serve as Director of Insider Risk.
This role will be central in shaping, bui...Show more
We're one of the country's largest energy companies, with a vision of powering a future where people use less energy, and it's cleaner, safer and delivered more reliably than ever.We're also deeply...Show more
ADP is hiring a Director - Security AI & Innovation (Technical Leader).Join ADP's Global Security Organization (GSO) to transform the future of cybersecurity.
We're on a mission to redefine how secu...Show more
Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries.
Our growth is driven by delivering re...Show more
A healthcare organization in New Brunswick is seeking a Chief Information Security Officer to lead their information security initiatives.
This role involves developing and implementing security str...Show more
In this role, you will lead strategic initiatives to protect sensitive information, manage threat intelligence programs, and ensure compliance with relevant regulations.
You will also collaborate cl...Show more
We're one of the country's largest energy companies, with a vision of powering a future where people use less energy, and it's cleaner, safer and delivered more reliably than ever.We're also deeply...Show more
Senior Consultant | Enterprise Risk Management | Regulations & Compliance.No visa sponsorship available for this job.Job Description : Must Have Skills AML (Anti Money Laundering) Businessdata analy...Show more
We are seeking an experienced and visionary ITSM Leader to establish and own the process and governance of a consistent IT Service Management (ITSM) practice across our ZTD organization.This is a p...Show more
CoreWeave is The Essential Cloud for AI™.Built for pioneers by pioneers, CoreWeave delivers a platform of technology, tools, and teams that enables innovators to build and scale AI with confidence....Show more
Those aren't words that are usually associated with a job.But working at Bristol Myers Squibb is anything but usual.Here, uniquely interesting work happens every day, in every department.From optim...Show more
At EY, we're all in to shape your future with confidence.We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go.Join EY and help ...Show more
The Maximus DoD Cloud Information Systems Security Officer (ISSO) will work directly with the Maximus Federal Business Information Security Officer (BISO) to identify and manage implementation of s...Show more
Risk Management Analyst
Global Channel Management • Plainfield, NJ, United States
Full-time
Last updated: 24 days ago • Promoted
Sr. Risk Analyst
SHI International • Somerset, NJ, United States
Full-time
Last updated: 13 days ago • Promoted
Director of Cyber Security
Wakefern Food Corp. • Edison, New Jersey, US
Full-time
Last updated: 13 hours ago • Promoted • New!
Lead Information Security Engineer - Palo Alto Firewalls
Wells Fargo • Iselin, NJ, United States
Full-time
Last updated: 6 days ago • Promoted
Strategic CISO : Lead Enterprise InfoSec & Risk Management
Saintpetershcs • New Brunswick, NJ, US
Full-time
Last updated: 18 hours ago • Promoted • New!
Senior Manager - Insider Risk and Analysis
Automatic Data Processing • Roseland, NJ, US
Full-time
Last updated: 27 days ago • Promoted
Director Cybersecurity Governance, Risk, & Compliance
Public Service Enterprise Group Inc • Newark, NJ, United States
Permanent
Last updated: 17 days ago • Promoted
Director - Security AI & Innovation (Technical Leader)
ADP • Roseland, NJ, United States
Full-time
Last updated: 17 days ago • Promoted
Manager, Security Governance Risk and Compliance
KPMG • Short Hills, NJ, United States
Full-time
Last updated: 10 days ago • Promoted
CISO : Enterprise Security Leader & Risk Strategist
Saint Peters Healthcare System • New Brunswick, NJ, US
Full-time
Last updated: 6 days ago • Promoted
Information Security Manager
Halcyon Support • Newark, NJ, United States
Full-time
Last updated: 30+ days ago • Promoted
Director Cybersecurity Governance, Risk, & Compliance
PSEG • Newark, NJ, United States
Permanent
Last updated: 17 days ago • Promoted
Senior Consultant | Enterprise Risk Management | Regulations & Compliance - Livingston, NJ
Staffing • Livingston, NJ, US
Full-time
Last updated: 30+ days ago • Promoted
ZTD Global IT Service Management Lead
Zoetis, Inc • Parsippany-Troy Hills, NJ, United States
Full-time
Last updated: 17 days ago • Promoted
Security Risk Management Analyst
CoreWeave • Livingston, NJ, United States
Permanent
Last updated: 17 days ago • Promoted
Director, Safety Center of Excellence
New Jersey Staffing • New Brunswick, NJ, US
Full-time
Last updated: 14 days ago • Promoted
Cyber Compliance (Vulnerability Management Lead) - Assistant Director
EY • New Brunswick, NJ, United States
Full-time
Last updated: 17 days ago • Promoted
Lead Analyst - Info Sec
MAXIMUS • Newark, NJ, United States
Full-time
Last updated: 14 days ago • Promoted