Title: Technical Program Manager GRC
Location: Hauppauge, New York
Terms: Permanent / FTE
Job Details:
The Technical Program Manager, Security Governance Risk & Compliance will be responsible for developing and maintaining security standards and procedures, identifying cyber security risks and ensuring adequate processes and technical controls are in place to mitigate identified risks. This role will participate in cybersecurity audits and assessments, follow up with remediation activities based on audit recommendations, and assist in maturing various cybersecurity programs including Security Awareness, Incident Response, Disaster Recovery, etc.
Education and Experience:
• Bachelor's degree in Computer Science, Information Systems, Information Security/Assurance or related field required or eight years of directly related experience
• Minimum five years of experience in an Information Security role, with strong experience in Security Governance, Risk & Compliance or in a regulated industry required, preferably at a Bank or Financial Services institution
• Strong understanding of key information security concepts and fundamentals
• Experience with GRC and Information Security tools/technologies to collect and maintain security and risk information
• General understanding of security risks and trends, security compliance assessments and audits
• Professional certifications in Information Security (such as CISA, CISM, CRISC, CISSP, etc.) preferred
Essential Skills:
Excellent presentation, facilitation and communication skills
Experience in creating awareness of security practices across multiple technical teams
Ability to lead cross-functional efforts in making sound risk-based decisions.
Working knowledge of security frameworks and standards including NIST, PCI, ISO 27001, etc.
Job Responsibilities:
• Assist with the development and ongoing management of the Cybersecurity Governance Risk and Compliance program
• Develop and maintain information security policies, standards, process documentation and control objectives
• Mature and enhance the information security awareness and training program
• Monitor and escalate unresolved security exposures, misuse, policy violations and other non-compliance situations to Security Leadership
• Monitor industry regulatory environment for impact on security programs and changes to security compliance standards
• Work closely with Technology-focused teams and other business stakeholders to identify potential security weaknesses, define potential impact and develop effective mitigation strategies
• Perform other duties upon request by immediate supervisor
Benefits of Joining Our Team:
We provide a competitive compensation and benefits package that includes, but is not limited to:
Paid time off for vacation, personal days, and holidays
Fully-funded pension plan
401k company contribution
Client pays 100% of Vision & Dental Care
Tuition reimbursement is offered to full-time employees
Exclusive employee discount of 0.96% APR on credit card loans and a 1.00% APR on all other loans through Client
Flexible hybrid schedule for eligible positions