Job

CISO

  • Location:

    Remote

  • Sector:

    Technology, Cyber Security

  • Job type:

    Permanent

  • Salary:

    400K-500K Base

  • Contact:

    Ryan Callahan

  • Contact email:

    r.callahan@hamlynwilliams.com

  • Salary high:

    0

  • Salary low:

    0

  • Published:

    about 2 months ago

  • Expiry date:

    2020-05-09

  • Startdate:

    ASAP

We’ll Trust You To

  • Oversee the governance and management of the information security program
  • Ensure our information security program follows industry best practices, SEC, FINRA, NFA, and other regulatory and legal requirements
  • Identify and mitigate any information security-related risks that could potentially create inappropriate exposure to Lord Abbett’s business or its clients’ data
  • Provide risk assessments, risk reports, strategy, program updates, and all matters pertaining to information security and their potential impact on Lord Abbett
  • Be accountable for the maintenance, enhancements, and monitoring of a strategic, risk management based, information security program to ensure the availability, integrity and confidentiality of information across Lord Abbett and at its service providers
  • Provide leadership in the analysis and discussion of security policies, standards and practices, and guide the acquisition of advanced security controls
  • In conjunction with colleagues from Legal and Compliance, evaluate and disseminate regulatory information security rules, laws, and best practices and collaborate with internal and external counsel as needed
  • Collaborate with Vendor Management on identifying and addressing 3rd party service provider security risks
  • Evaluate security risk and act expeditiously in making decisions and recommendations
  • Lead and coordinate, internally and externally, responses to security incidents, provide timely reports during the incident and remediation, as well as propose solutions to anticipate, prevent, or mitigate future incidents
  • Create or enhance security policies, standards, processes and procedures
  • Develop and review new security policies relevant to changing conditions and priorities
  • Enhance and maintain information security risk mitigation plans, including leading the security incident response team in prevention, investigation, mitigation and reporting activities
  • Oversee outside consultants for independent security audits, engagements and monitoring, including regular penetration and vulnerability testing
  • Stay up-to-date on information security and safety protocols
  • Balance information security needs with the organization's strategic business plan, identify risk factors with evolving business plans, and propose mitigating solutions
  • Provide information security program updates and risk assessments and analysis to Lord Abbett senior leadership and external constituencies, including fund boards, consultants, and clients

You’ll Need To Have

  • Certification as a Certified Information Systems Security Professional (CISSP), Certified Chief Information Security Officer (CCISO), or Certified Information Security Manager (CISM)
  • Knowledge of information security frameworks and standards, such as NIST and ISO 27002
  • Leadership experience as evidenced by successful program adoption in the asset management or finance space
  • Demonstrated accomplishments in program leadership, policy development, management, and risk assessments
  • Strong interpersonal and communications skills, plus the ability to achieve goals through influence, collaboration and cooperation
  • Knowledge of incident response planning and forensics investigations
  • Integrity and high standards of personal and professional conduct
  • Demonstrated knowledge of data classification and protection strategies / controls, including data leakage and monitoring best practices
  • Strong knowledge of regulatory rules and standards that govern information security practices in the financial services industry, such as SEC, FINRA, CFTC/NFA, and state and federal privacy laws