Search using our robust engine. Get the recommendations you need to get ahead.
Browse through our expansive list of legal practice areas.
Work where you are or where you would like to be. Find where you will work with LawCrossing.
Use our marketplace to feature your opportunity
Start your search today
Set up your account and manage your company profile on LawCrossing
Look through and compare company profiles
Learn from the legal expert
Discover salaries and the scope of your next job
LawCrossing Works Read Testimonials and Share your Story
Do Not Be Influenced by Others’ Negative Opinions of You
In-House
Attorney
Information Technology
Litigation - Whistleblower - CFTC
8-10 yrs required
Senior Info Security Specialist / Information Security Risk and Compliance Consultant The candidate provides risk based analysis to support adherence to information security controls, policies and industry best practices in order to protect the confidentiality, integrity and availability of the company’s information systems. Responsibilities may include: Leading and coordinating policy and policy exception services and related strategic initiatives. Providing advisory support to the enterprise on information security controls, policies, security baselines and industry best practices. Participating in analyzing, drafting and implementing changes to information security policy and security baseline documents. Performing risk analysis of information security policy exceptions. Providing advisory and logistical leadership to the Policy Exception Working Group to analyze and approve exceptions. Tracking and reporting on the status of exception requests as well as expiring exceptions and escalating issues to appropriate levels of management. Understanding emerging IT risks and their impact on both existing policy exceptions and policy statements. Partnering with risk representatives across the enterprise to drive standardization and collaborate on joint initiatives. Facilitating in the enhancement of repeatable, documented processes to identify and develop risk assessments, facilitate remediation, and ongoing monitoring of the policy exception program. Contributing to the enhancements of the risk and control library.
Qualification and Experience
Graduate/Master's level degree in the areas of business administration, information security, computer science or information technology management or Law degree/licensed to practice law will be preferred. Should preferably have management experience; experience in publishing information security policy and security configuration baseline documents for enterprise-wide distribution; experience in risk and compliance management and process development in the areas of information technology and security. Should have 8-10 years of experience in information technology and or information security and compliance and understanding of financial information security legal, regulatory and compliance requirements. Demonstrated leadership with teams/individuals and large/complex enterprise projects will be required. Strong written and verbal communication skills are required. Should be proficient in MS Office tool suite including, Excel, Power Point, Sharepoint and Visio. Should be highly skilled in developing executive-level presentations and strategies that include process diagrams and designs. Experience with RSA Archer administration and/or development is required. Industry certifications in the area of information security, project management and technology auditing including, CISSP, CISM, GIAC GSEC, PMP and/or CISA.
Ref: 140024492.
Sign Up Now