Technical Specialist-Information Security Governance, Risk - New York, NY, United States
2 days ago

Job description
Description
Come join us as a Technical Specialist where you will play a key role in strengthening our Information Security (InfoSec) Governance, Risk & Compliance (GRC) capabilities across the enterprise. In this experienced individual contributor role, you will develop, maintain, and execute the frameworks, policies, standards, and processes used to identify, assess, manage, and report information security risk. You will ensure our security practices align with regulatory requirements, industry standards, and business objectives through hands-on analysis, thorough documentation, and disciplined execution. Success in this role requires a highly self-directed professional who can operate with minimal supervision, demonstrates exceptional organizational skills and attention to detail, and consistently delivers high-quality, actionable outcomes. If you are passionate about driving strong security governance and making a measurable impact on enterprise risk, we strongly encourage you to apply and help shape the future of our security program.
Responsibilities
Core Responsibilities
- Contribute to information security policies and governance frameworks aligned with national energy security priorities in compliance with regulatory requirements and industry standards.
- Collaborate with internal stakeholders (IT, OT, Legal, Risk, Operations) and external partners (regulators, government agencies, industry groups).
- Facilitate incident response planning, exercises, and post-incident reviews to strengthen organizational readiness.
- Support incident response planning and champion a culture of cyber accountability and resilience across the organization.
- Support internal and external audits while driving continuous improvement of GRC maturity.
- Provide executive-level reporting on cybersecurity posture, compliance status, and resilience metrics.
- Serve as a key liaison between InfoSec, IT, Audit, Legal, peers in InfoSec Compliance, and business stakeholders to ensure security risks are clearly communicated and appropriately governed.
- Support internal and regulatory compliance efforts, including NERC CIP, TSA, Coast Guard, and other applicable federal and state mandates.
- Facilitate and maintain cyber resilience strategies to ensure continuity of operations during and after cyber incidents.
Required Education/Experience
- Master's Degree and 6 years of work experience in IT or Utility environments with at least four (4) years in GRC or similar, or
- Bachelor's Degree and 8 years of work experience in IT or Utility environments with at least four (4) years in GRC or similar
- Master's Degree preferably in Information Technology, Computer Science, Information Security, Math, Engineering or business-related discipline.
- Bachelor's Degree preferably in Information Technology, Computer Science, Information Security, Math, Engineering or business-related discipline.
- Must demonstrate knowledge of project management concepts and ability to support project monitoring, tracking, and facilitation to ensure project delivery/completion, required.
- Proven experience of process and policy creation and documentation, required.
- Must demonstrate strong analytical skills, required.
- Must demonstrate strong oral and written communication, presentation and interpersonal skills, required.
- Must have used, and have working knowledge of MS Excel, Word and PowerPoint, required.
- Experience and working knowledge of GRC concepts, required.
- Experience developing and delivering well organized analytical presentations, preferred.
- Demonstrates a high commitment to quality
- Assumes personal responsibility for actions
- Strong verbal communication and listening skills
- Possesses flexibility to work in a fast-paced, dynamic environment
- Effective interpersonal skills
- Demonstrated analytical skills
- Ability to simultaneously handle multiple priorities
- Must be proficient in Microsoft Office including Word, Excel, Outlook and PowerPoint, etc.
- Driver's License Required
- Ability to push, pull, and lift up to 25 pounds
- Sit or stand to use a keyboard, mouse, and computer for the duration of the workday
- The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.