- Oversee the implementation and maintenance of policies, as well as a comprehensive controls framework to ensure technical systems and information assets are protected;
- Direct and conduct ongoing risk analysis organizationwide to uphold the GRC program;
- Lead a team dedicated to an ongoing security maturation program, where areas of strength are amplified and areas needing improvement are documented;
- Partner with business units when onboarding solutions to ensure adequate controls are available and enabled in production;
- Oversee audit and compliance mechanisms to measure and enforce alignment with citywide cybersecurity requirements;
- Oversee governance and tracking of remediation requirements from agency assessments;
- Oversee findings brought forward through the risk mitigation and acceptance program and report to security leadership where gaps exist;
- Engage in continuous professional development with team management, honing direction as well as strategic plans;
- Maintain a high degree of knowledge with current and proposed security changes impacting regulatory, privacy and security industry best practice guidance;
- Manage special projects and initiatives as assigned.
- A baccalaureate degree from an accredited college including or supplemented by 24 credits in the field of voice and/or data telecommunications or in a pertinent scientific, technical, electronic or related area, and four years of satisfactory fulltime experience in the performance of analytical, planning, operational, technical, or administrative duties in a voice and/or data telecommunications or closely related electronics planning, management, and/or service organization, one year of which must have been in a highly specialized capacity and 18 months must have been in an executive, managerial, or administrative capacity or in the supervision of staff performing work in the voice and/or data telecommunications field; or
- An associate degree from an accredited college including or supplemented by 12 credits in the field of voice and/or data telecommunications or in a pertinent, scientific, technical, electronic or related area and five years of experience as described in "1" above; or
- Education and/or experience equivalent to "1" above. However, all candidates must have at least a four-year high school diploma or its educational equivalent and one year of the specialized experience as described in "1" above and must possess the 18 months of executive, managerial, administrative or supervisory experience as described in "1" above.
- 10+ years' experience in cybersecurity or information security
- Demonstrated leadership experience and thorough understanding of various regulatory requirements and laws
- Proven project leadership with both legacy and emerging technologies to assess and manage business risk and enforce security controls
- Proven understanding of business focus and processes, and ability to inject cybersecurity into the business through teamwork and influence
- Strong team and organizational management skills, and track record of delivering projects under tight deadlines
- High level of integrity and trustworthiness, as well as confidence to represent the company and security leadership with the highest level of professionalism
- Knowledge of security frameworks such as NIST CSF, NIST SP 80053, PCI, and CJIS. CISSP, CISM, CISA, CRISC, GSLC preferable
- Outstanding written and verbal communication skills
- Selfmotivated with a commitment to learning and continuous improvement.
-
Finance Risk and Control Sr Group Manager
3 weeks ago
Citigroup Inc California, United StatesThe Business Risk and Control Sr Group Manager – Technology and Data lead manages multiple teams through other managers. Excellent communication skills are required to negotiate internally, often at a senior level. Responsible for supporting enterprise and executing functional st ...
-
Finance Risk and Control Sr Group Manager
3 weeks ago
Citigroup Inc California, United StatesThe Business Risk and Control Sr Group Manager – Technology and Data lead manages multiple teams through other managers. Excellent communication skills are required to negotiate internally, often at a senior level. Responsible for supporting enterprise and executing functional st ...
-
Manager, Internal Audit
3 weeks ago
Standard Bank of South Africa Limited California, United StatesTo lead and review the audit process for a portfolio of audits through audit execution and oversight of the audit team to independently and objectively provide assurance that enables client centric risk management. · Contribute to the development and implementation of the Country ...
-
Internal Audit-Bengaluru-Analyst-Business Audit
3 weeks ago
Goldman Sachs Group, Inc. California, United StatesWhat We Do · As the third line of defense, Internal Audit's mission is to independently assess the firm's internal control structure, · including the firm's governance processes and controls, and risk management, capital and anti-financial crime frameworks · , raise awareness o ...
-
Market risk director
1 week ago
Sumitomo Mitsui Banking Corp California, United StatesFull job description · SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more tha ...
-
Senior Credit Analyst
3 weeks ago
Wesbank California, United StatesAshburton Investments is a new generation investment manager that offers investors access to more sources of return and more ways to manage risk. In the institutional space in South Africa as well as our Global business, we pride ourselves on offering solutions to address clients ...
-
Data Governance by Design Analyst
2 weeks ago
Citigroup Inc California, United StatesThe Human Resources organization at Citi is expanding the Data team and has an exciting opportunity for · Data Governance by Design Analyst . · The role will report to the Head of Data Governance by Design and · will be responsible for · implementing proactive data governance ...
-
Senior Director, Operational Risk Management
3 weeks ago
SimplyApply California, United StatesBoston, United States of America · The Senior Director, Operational Risk develops and maintains an effective Operational Risk program focused on the firm's maintenance of the Operational Risk Capital Program, Loss and Scenario programs and enabling Operational Risk data framework ...
-
G3 Innovative Solutions, LLC California, United StatesG3 Innovative Solutions · is an IT Services company founded to create innovative solutions to enhance the capabilities of our customers. G3 employees have successfully satisfied the technology needs of the U.S. Government and we continue to maintain relationships with those who ...
-
Citigroup Inc California, United StatesUSPB Risk CAO organization provides a global focus for risk management strategy/execution oversight for compliance with Citi Policies and Regulatory requirements, and driving Strong Risk Management - for USPB Risk, Wealth Risk and Legacy Franchises/Banking & International Retail ...
-
IT Audit, Cybersecurity
3 weeks ago
Baker Tilly US, LLP California, United StatesOverview · Baker Tilly US, LLP (Baker Tilly) is a leading advisory CPA firm, providing clients with a genuine coast-to-coast and global advantage in major regions of the U.S. and in many of the world's leading financial centers – New York, London, San Francisco, Los Angeles and ...
-
SAP Program Manager
1 week ago
Wipro California, United StatesRole Purpose · The role incumbent is responsible for the successful execution of a low to medium complexity program & its profitability.It is a · role requiring understanding of the individual program and how it interacts with other programs. The Program Manager is also responsi ...
-
Director, Cyber Risk Sr Group Manager
2 weeks ago
Citigroup Inc California, United StatesThe Technology and Cyber Compliance and Operational Risk Office (TCCORO) at Citi is the firm's reliable second set of eyes. Our mission is to drive comprehensive and consistent practices designed to identify, measure, monitor, report and manage operational and compliance risks wh ...
-
Citigroup Inc California, United StatesClient – MCA Architect/ Data Quality and Reporting Lead (SVP) · Description · – · The Client organization was established to drive enterprise-wide approaches to client coverage, identifying and filling in gaps or reducing duplication to ensure consistency throughout the firm. Ad ...
-
Finance Rptg Lead Group Mgr
1 week ago
Citigroup Inc California, United StatesAs we continue to focus on strengthening the Controllers discipline through better integration, realignment, and growth & change, we've identified the need for Four new leadership roles that will report into our new · Regulatory and Capital Reporting Head · . · Those roles are: ...
-
Marketing Operations Specialist, Consultant
3 weeks ago
Blue Shield California, United StatesYour Role · The Communication Governance team supports the development and implementation of strategic communication programs to improve overall member experience, streamline operational processes, and govern member-facing communications to align with company policies and regula ...
-
Senior Analyst, Mobile Money Audit
3 weeks ago
Ghanabusinessweb California, United StatesPosted on: 08-Aug-2023 · - · Permanent/Full Time · - · Accra · • This role is responsible for the implementation of high priority/risk mobile financial services audits as assigned and project manages medium to high priority proactive and reactive assurance work, in line with ...
-
Vice President
1 week ago
Citigroup Inc California, United StatesThe Portfolio Management Group (PMG) is an independent function in the 2nd Line of Defense Risk organization that seeks to apply portfolio management techniques on a macro basis, primarily for the global wholesale lending and counterparty credit risk portfolio. PMG, which reports ...
-
HR Data Process Reengineering
2 weeks ago
Citigroup Inc California, United StatesThe Human Resources organization has an exciting opportunity for professionals with experience in leading improvement initiatives to evaluate the department's effectiveness and contribute to the future organization. The role will report to the HR Chief Data Officer and engage wit ...
-
Cybersecurity Engineer II
2 weeks ago
Highbury Defense Group California, United StatesHDG is currently on the lookout for Cybersecurity Engineers. The chosen candidates will undertake a range of responsibilities, including delivering top-notch engineering support services, software engineering, and cybersecurity engineering. This position entails being a key membe ...
Deputy CISO Governance, Risk - California, United States - City of New York
Description
The Office of Technology and Innovation (OTI) oversees all Citywide technology, privacy, cybersecurity, infrastructure, and telecommunications to ensure the security of, and enhance, City operations and service delivery to New York City's residents, businesses, employees, and visitors.
As the City's technology and innovation leader, OTI is responsible for operating, maintaining, and securing IT infrastructure and systems that touch every aspect of City life from public safety to human services, from education to economic development crossing the full spectrum of governmental operations.
Reporting to the Citywide Chief Information Security Officer (CISO), the Deputy CISO for Governance, Risk & Compliance (GRC) provides leadership, executive support, strategic and tactical guidance, and complete execution for the GRC program for Cyber Command.
The Deputy CISO will be responsible for identifying, evaluating and reporting on information security risks, in addition to influencing and implementing tools and practices to enhance processes related to third-party risk management, agency compliance, and audit engagement.
The position requires a diverse background to understand a variety of systems, including new technologies and legacy systems considered business critical.
The Deputy CISO for Governance, Risk & Compliance will:The preferred candidate should possess the following:
This position is also open to qualified persons with a disability who are eligible for the 55-a Program.
Please indicate at the top of your resume and cover letter that you would like to be considered for the position through the 55-a Program.
Residency RequirementNew York City residency is generally required within 90 days of appointment.
However, City Employees in certain titles who have worked for the City for 2 continuous years may also be eligible to reside in Nassau, Suffolk, Putnam, Westchester, Rockland, or Orange County.
To determine if the residency requirement applies to you, please discuss with the agency representative at the time of interview.
Additional InformationThe City of New York is an inclusive equal opportunity employer committed to recruiting and retaining a diverse workforce and providing a work environment that is free from discrimination and harassment based upon any legally protected status or protected characteristic, including but not limited to an individual's sex, race, color, ethnicity, national origin, age, religion, disability, sexual orientation, veteran status, gender identity, or pregnancy.
#J-18808-Ljbffr