Information Security Assurance - Assistant Vice President
Bengaluru, India
State Street
State Street provides investment servicing, investment management, investment research and trading services to institutional investors worldwide.
Information Security Assurance, AVP
Job Overview:
The candidate will support overall corporate information security compliance with State Street internal policies, external regulatory requirements and client requirements. As a member of the Policy & Governance team, the individual will maintain the enterprise information security policies and processes necessary to support information security compliance with established company policies, regulatory requirements, and generally accepted information security controls. The individual will also assist the business with the Corporate Information Security (CIS) exception process and review/update internal controls, policies and standards for State Street globally.
Responsibilities:
- Maintains enterprise information security policies, technical standards, guidelines, and procedures necessary to support information security in compliance with established company policies, regulatory requirements, and generally accepted information security controls.
- Researches compliance issues/questions for existing and new regulations, and provides interpretation or clarification within the team.
- Collaborate with Corporate Compliance, Legal, Regulatory Affairs, Corporate Audit and Enterprise Technology Risk Management as appropriate in assessing State Street internal policy compliance against external requirements.
- Coordinate, review and respond to regulatory compliance assessments and client questionnaires for the respective CIS areas in support of new and current clients, using and maintaining our central repository of responses.
- Collaborate with other team members throughout the organization ensuring consistency in the alignment of State Street policy, standards, procedures and controls.
- Assist and contribute to additional projects and deliverables related to assurance, governance and policy requests as they pertain to CIS initiatives.
- Participate in the development, implementation, review and revision of compliance procedures and systems within Corporate Information Security.
- Develop understanding of State Street’s IT infrastructure and compliance levels pertaining to Cyber and Information Security.
- Assist with the establishment of key operational metrics supporting the tracking, status and progress of regulatory requests and questionnaires as they pertain to cyber and information security.
Qualifications:
- Excellent verbal and written communication skills and experience presenting across the various levels within the business up to senior leadership.
- Ability to interact professionally with a diverse group and in a diverse set of regions: executives, managers, and subject matter experts; North America (NA), Asia-Pacific (APAC), and Europe and the Middle East (EMEA).
- Minimum 3 years of experience working in Information Security or general IT areas related to risk management, controls assurance, compliance programs, cybersecurity and information security regulations, industry standards, and internal policies frameworks.
- Previous experience creating and/or performing review and gap analysis of information security policies and standards against cybersecurity frameworks.
- Possess strong knowledge of and experience with one or more of the following cybersecurity frameworks: NIST CSF, NIST 800-53 or ISO 27001/27002.
- Project management and reporting experience and the ability to operate in a deadline-oriented environment.
- Applies administrative oversight and managerial skills to various projects and assessments.
- Certified Information Security Auditor (CISA), Certified Risk & Information Systems Controls (CRISC) or Certified Information Security Manager (CISM) certification preferred or similar Information Security experience.
- Possesses a broad and comprehensive understanding of different Information Security standards, policies and compliance regulations including GLBA, GDPR, China Security Law, CCPA, etc.