Information Security Compliance Program Manager - Remote

Overview

The Governance, Risk, and Compliance (GRC) team handles a wide range of cross-functional activities, from security compliance certifications and audits, to risk management, inbound and outbound due diligence, third party risk management, security awareness, policy and procedures, and more.

In Short

• Own and manage ongoing cybersecurity audits and assessments including SOC 2, GLBA, NYDFS, SOX, and other regulatory or client-driven reviews
• Serve as the primary liaison between internal stakeholders and external auditors, regulators, and third-party assessors
• Monitor compliance with cybersecurity policies and standards
• Partner with stakeholders to conduct walkthroughs and create process maps for critical cybersecurity processes
• Translate technical controls and requirements into audit-ready evidence
• Support regulatory, third party attestation, and Internal Audit readiness activities
• Communicate clearly and effectively with both technical and non-technical audiences

Requirements

• BS degree in Computer Information Systems or related field
• 7+ years of experience with security GRC initiatives
• Experience with regulatory cybersecurity compliance examinations
• Knowledge of transaction banking compliance and privacy regulations
• Experience with onboarding and monitoring cybersecurity controls in cloud environments
• Strong knowledge of security risk management
• Self-starter with strong interpersonal and communication skills
• Experience managing programs in GRC tools

Benefits

• Competitive benefits
• Bonus and/or long-term incentives eligibility
• Comprehensive and competitive benefits package