This job has expired, please see additional jobs below
Director, Information Security Risk Management
E*Trade Financial
Alpharetta, GA, United States
THE COMPANY
E*TRADE is a leading financial services company and a pioneer in the online brokerage industry. Having executed the first-ever electronic trade by an individual investor more than 30 years ago, the company has long been at the forefront of the digital revolution, offering easy-to-use solutions for individual investors and stock participants. Founded on the principle of innovation and determined to level the playing field for individual investors, E*TRADE delivers digital platforms, tools, and professional assistance to help investors and traders meet their near- and long-term investing goals. The Company provides these services both online and through its network of customer service representatives and financial consultants – over the phone at two national branches and in-person at 30 E*TRADE branches.
RESPONSIBILITIES
The Director, Information Security Risk Management is a key member of the Information Security Governance, Risk & Compliance leadership team and responsible for directing and reporting on Information Security risk programs in a manner that meets corporate, legal and regulatory requirements. The Director, Information Security Risk Management is also responsible for the development and maintenance of the Information Security Risk Management Program.
This position requires a strategic leader with strong collaboration skills, detailed working knowledge of IT and Information Security best practices, and familiarity with leading a distributed team in effectively managing risks for a highly regulated business environment. This position serves as the process owner of all operational activities related to the ongoing identification, management and reporting of key IT and security risks. The Director, Information Security Risk Management must be highly knowledgeable about the business environment and must ensure that information systems are proactively maintained within the business risk appetite.
• Define, implement and monitor the Information Security Risk Management program
• Establish and maintain security risk appetite statements, baseline and maturity model
• Communicate and ensure programs are in compliance with applicable laws, regulations, policies, and standards
• Coordinate with IT Leadership Team, First and Second Line Risk Teams, and Internal Audit to facilitate key risk management processes and define acceptable levels of risk
• Collaborate with executive management and department leaders to assess near- and long-term Information Security risk management needs
• Participate in key initiatives as the subject matter expert to ensure alignment with Information Security strategies and road map
Minimum Required:
• Minimum 10 years’ experience in Information Security and/or IT Risk Management functions
• Minimum 5 years’ experience with talent management
• Proven experience and success with managing IT or Information Security risk functions
• Proven experience with IT risk and compliance best practices
• Demonstrated technical abilities across a broad range of technologies: Windows, Linux, relational databases (Oracle, MS SQL, etc.), firewalls, routers, mobile devices, virtualization and cloud computing
• Knowledgeable about information security risk, governance, and control frameworks such as ISO/IEC 27000 series, NIST CSF, CSA CCM and PCI DSS
• Proven project management and organizational skills, specifically managing multiple, concurrent projects
• Strong interpersonal, written, and oral communication skills
• Highly self-motivated and directed professional, with keen attention to detail
• Excellent analytical, problem-solving and decision-making abilities
• Able to effectively prioritize tasks in a high-pressure environment
• Strong customer service and solution-focused orientation
• Experience working in a team-oriented, collaborative environment
Preferred Qualifications:
• Bachelor’s or Master’s Degree in Information Systems, Computer Science or related discipline is highly desired
• CISSP, CISA, CISM or CRISC certification is highly desired
BENEFITS
We offer a competitive and comprehensive benefits package.
E*TRADE Financial is an Equal Opportunity Employer who encourages diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, age, disability, citizenship, marital status, sexual orientation, gender identity, military or protected veteran status, or any other characteristic protected by applicable law.