Assoc, Information Security Governance & Data Privacy

Madison-Davis

New York, NY

JOB DETAILS
SALARY
SKILLS
Administrative Skills, Banking Services, Budgeting, Data Management, Information/Data Security (InfoSec), Maintain Compliance, Metrics, Privacy Regulations, Project Planning, Project/Program Management, Regulations, Regulatory Compliance, Reporting Dashboards, Risk, Risk Analysis, Root Cause Analysis, Strategic Planning, Systems Administration/Management, Testing, Training Program, Training/Teaching
LOCATION
New York, NY
POSTED
3 days ago

Title: Assoc, Information Security Governance & Data Privacy

Office Status: Hybrid New York, NY

Base Salary: Up to $90k + bonus

ABOUT THE ROLE

This is an information security governance and data privacy opportunity within the CISO function of a well-established financial institution, offering broad ownership across security strategy, program management, governance, risk assessments, compliance, and data privacy. The role sits at the intersection of IT/IS risk and regulatory compliance, requiring someone as comfortable building and maintaining security frameworks as managing data privacy programs, preparing regulatory exam responses, and driving CISO metrics and reporting. It's an ideal fit for a technically grounded IT/IS risk professional with a working knowledge of security tools and systems administration who thrives in a structured, compliance-driven banking environment.

RESPONSIBILITIES
  • Coordinate Information Security strategy in alignment with branch-level goals; maintain strategic initiative tracking and KRIs; conduct quarterly CISO strategy reviews and adjust as necessary
  • Provide end-to-end project management for all CISO-led projects; manage all CISO programs including the Information Security Program, Training & Culture Program (security training, phishing campaigns, tabletop exercises), and Data Privacy Program
  • Establish and maintain Information Security policies and procedures; ensure CISO roles and responsibilities are clearly delineated across first and second lines; periodically refresh TISR controls guidance
  • Develop, monitor, and track CISO policy adherence measures and metrics; provide all administrative functions for the Information Security Committee and its sub-committees
  • Establish and enhance a TISR framework; conduct risk assessments across projects, third-party engagements, new activities, and applications; develop and execute an annual TISR work plan covering risk identification, assessment, control evaluation, and testing
  • Catalog and oversee remediation of TISR issues arising from audits, regulatory exams, root cause analyses, and control testing; track control gaps and annually refresh CISO policies to reflect enhanced controls
  • Prepare and submit audit evidence requests; develop proactive audit readiness strategies; prepare regulatory exam response evidence and recommend policy changes to align with OCC and applicable federal guidelines
  • Develop and implement data privacy strategies ensuring compliance with applicable privacy laws and regulations including GLBA and related requirements; oversee privacy risk assessments, maintain privacy policies and procedures, and deliver privacy training programs
  • Manage all CISO metrics and reporting across operational, executive, board-level, budget, headcount, and dashboard formats

About the Company

Madison-Davis