at Apex Systems in CHICAGO, Illinois, United States
Job Description
Senior Manager of Cyber Security
Chicago IL
Permanent Opportunity
For more information, contact Jeremy Nesper at jnesper@apexsystems.com.
Job Description
The Sr. Manager of Cybersecurity Governance & Compliance will lead a team of global professionals and will work with partners globally to oversee the day-to-day tactical functioning of the processes and people dedicated to the organization. The position must set high-level strategy and direction for those performing these daily activities and clear expectations, goals, and requirements that must be obtained as a measure of success. This position will work closely with the Segment CIOs, GT senior leadership, and other partners to ensure that at all times, the daily activities upon which the organization depends to reduce risk to the environment are functioning as designed and providing the desired benefit.
Responsibilities
- Assess the strategic and practical needs of the organization globally to help ensure that the Company has a world-class Information Governance and Compliance Program.
- Ensure the visibility, value, security, integrity, and availability of electronic data and information throughout the Company.
- Work with cross-functional teams to identify and implement cost and risk-reducing opportunities for IT Governance and Compliance.
- Oversee and support control owners on the development of their controls and guide them on improving the efficiency and effectiveness of their controls.
- Oversee the facilitation of access reviews and provide feedback on completed reviews
- Provide feedback to control owners on newly developed controls
- Work with external, internal audit, Global Technology, and Finance to improve the global control environment
- Perform functions promptly and with an acute level of attention to detail, urgency, and thoroughness.
- Drive the strategic deployment process within Governance & Compliance and own development and implementation of regular improvement priorities (continuous improvement methodology).
- Identify developmental needs of members assigned to project teams and develop suggestions to address those needs. Act as a mentor to team members on projects and provide on-the-job training. Schedule work, assign responsibility, and delegate authority for assigned projects.
- Ability to analyze the most complex risk issues, determine their cause and impact on the business, and identify the corrective action needed to eliminate and prevent the events in the future
- Develop strategies and procedures to govern to our policies and standards, with the definition of KPIs associated with compliance.
- Develop and oversee the implementation of a strategic program applying industry-leading practices and methodologies to support the achievement of short, medium, and long-term goals.
- Develop and implement appropriate policies, SOPs, training, and guidelines for managing all information.
- Develop and manage global cybersecurity compliance through a well-defined metrics program.
- Work closely with the markets, information management program vendors, and consultants to improve programs.
- Support business units and capabilities (e.g., IT, Law Department, HR, Finance) day-to-day business needs and special projects.
- Develop a strategic third-party governance and compliance program according to the organization’s policies and standards.
- Support the annual departmental budget and capital requirements.
- Provide training and technical support to management and employees regarding IT compliance strategies and programs.
Qualifications
Minimum Requirements
- Bachelor’s or Master’s degree in accounting, audit, finance, business, information systems, or related field; or equivalent related professional experience
- Experience with leadership in IT Security governance, compliance or IT audit.
- Professional experience in internal or external auditing, accounting, or compliance.
Desired skills:
- Experienced in key compliance and IT frameworks such as Payment Card Industry (PCI), Sarbanes-Oxley, SOC reports, HIPAA, ISO 27001, COBIT, Val IT, Risk IT, GDPR and privacy frameworks.
- Familiarity with complex multinational companies and distributed business models.
- Experience and willingness to lead a 24×7×365 team and work non-regular hours.
- Experience in leading a team with global regulatory compliance
- Ability to interpret and understand business needs and convey such issues to information security teams.
- Proficient in technical writing and demonstrating various creative mechanisms to communicate to diverse audiences.
- Strong ability to assess urgency and prioritization and make good decisions based upon situational circumstances.
- Professional certifications such as CISA, CISSP, CISM, CRISC, CPA, CA, CIA, and PMP.
- Experience in developing and implementing a global enterprise metrics program.
EEO Employer
https://www.eeoc.gov/eeo-policy-statement