Security Governance, Risk, and Compliance Lead

Hudson River Trading LLC

NY

JOB DETAILS
SALARY
$200,000–$300,000 Per Year
SKILLS
Analysis Skills, Automation, Business Analysis, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Command Line, Cross-Functional, Data Analysis, Debian Linux, Finance, Financial Regulations, ISO (International Organization for Standardization), Industry Standards, Information/Data Security (InfoSec), Internet Security, Legal Research, Linux Operating System, Maintain Compliance, Metrics, Penetration Testing, Performance Metrics, Project/Program Management, Python Programming/Scripting Language, Regulations, Regulatory Compliance, Regulatory Requirements, Reporting Dashboards, Risk, Risk Management, SQL (Structured Query Language), Scripting (Scripting Languages), Security Analysis, Security Compliance, Software Development, Team Lead/Manager, Threat Modeling, Threat and risk analysis (TRA), Time Management, U.S. National Institute of Standards and Technology (NIST)
LOCATION
NY
POSTED
30+ days ago

Hudson River Trading (HRT) is seeking a Security Governance, Risk, and Compliance Lead to join our growing Information Security team. This role will lead security governance programs for HRT entities based in America, Europe, and Asia, and will work directly on automating security governance at scale.

In this hands-on role, you will liaise closely with HRT's Compliance and Legal teams to research, build, and maintain security solutions for a diverse set of industry regulations and requirements. You'll lead a technical team responsible for owning and strategically ensuring HRT's compliance with global security regulations, helping to equip HRT to enter new markets with increasingly complicated regulatory needs.

Responsibilities

Manage and lead a team of security GRC engineers Perform internal and external security control assessments using industry standard frameworks such as NIST and CIS Conduct threat modeling and risk assessments Create and maintain security and compliance policies, standards, and guidelines Track regulatory security compliance obligations worldwide Work with cross-functional teams on program management to meet security and compliance KPIs Define critical success factors and KPIs to ensure firm-wide security compliance and security goals are met according to standards-based frameworks Monitor KPIs and create dashboards for real-time reports and board presentations Collect and analyze business metrics and build dashboards for reporting through data engineering Support the automation and governance of HRT's critical security controls, encompassing: • Vendor risk management • Penetration testing • Access management Ensure timely and accurate responses to requests for company data in collaboration with Compliance and Legal

Qualifications

7+ years of experience in cybersecurity risk and/or compliance with significant experience at a company in a heavily regulated industry Software development and/or scripting experience, preferably in Python or Go Familiarity with standards-based security frameworks such as CIS, NIST-CSF, FedRAMP, or ISO Data analysis skills leveraging SQL, Elastic, OSQuery, and Prometheus preferred Experience building strong cross-functional relationships and working across multiple teams, both technical and non-technical Experience with Linux and comfortability on the command line (Debian is a huge plus!) Familiarity with financial industry regulations CISSP, CISM, or a similar certification is a plus

Salary and Benefits

The estimated base salary range for this position is 200,000 to 300,000 USD per year (or local equivalent). The base pay offered may vary depending on multiple individualized factors, including location, job-related knowledge, skills, and experience. This role will also be eligible for discretionary performance-based bonuses and a competitive benefits package.

About the Company

H

Hudson River Trading LLC