Office Status: Hybrid
Salary: $90,000 to $110,000
Responsibilities:
- The candidate will assist the CISO in the development, implementation and revisions of the Branch’s Information Security Policies and Procedures in a timely manner.
- The candidate will be responsible for all Information Security initiatives assigned by the CISO during the business continuity process, annual OAT Testing and its relevant tasks.
- The candidate will be responsible for monitoring secure software and system implementation and development within the branch. These duties will include monitoring of system changes and access control.
- The candidate will assist the CISO in maintaining the physical security of the Branch and performing periodic physical security assessments in the Branch primary office, Datacenter and Back-up site.
- The candidate will be responsible for preparing and maintaining all risk profile reports under the direction of the CISO. The candidate will also independently report the risk profile of the branch’s Information Security and Information Security concerns directly to the branch senior management monthly and on an as-needed basis. The candidate will also assist in preparing documents related to Information Security issues for the Branch Oversight Committee (BOC) and IT & Operational Risk Committee.
- The candidate will assist the CISO in managing various types of Information Security assessments as part of the routine Information Security compliance check, vulnerability assessment, risk assessment and any ad-hoc assessments.
- The candidate will prepare audit materials as requested by the Internal Audit Division, Head Office and regulators under the direction of the CISO.
- Assist in researching and monitoring new regulations, standards or guidelines issued by a governing body that are applicable to the Branch.
- Assist in the preparation of annual certification/attestation for the NYDFS Part 500, SWIFT CSP, FFIEC and DTCC requirements.
- The candidate will assist the CISO in managing and maintaining the Vendor Management program.
- Conduct third-party risk assessments and perform the third-party onboarding and termination processes.
- Prepare and conduct periodic Third-Party awareness training for applicable staff.