The role involves developing and maintaining the company's formal information security policy library aligned with regulatory requirements and risk appetite.
Job Summary
The role involves developing and maintaining the company's formal information security policy library aligned with regulatory requirements and risk appetite.
Candidates must map security policies to frameworks like DORA, FFIEC, and NIST CSF while supporting external assessments and audits.
The position offers a competitive salary, annual performance-based bonus, stock grants, and comprehensive health and wellness benefits.
Salary
Competitive salary; annual performance-based bonus and stock grant; 401(k) retirement plan with match
Skills & Requirements
Must-have
7+ years information security experience
3+ years policy development in regulated industry
Hands-on technical cybersecurity background
Fluent understanding of DORA, FFIEC, and NIST CSF
Experience leading regulatory examinations
Nice-to-have
GRC tooling experience
Cross-functional consensus building
CISM certification preferred
European/APAC regulatory knowledge
Strong writing and editing skills
Key Requirements
Bachelor's degree in Information Security or related field
7+ years total infosec experience
3+ years managing security policies in financial services
Prior experience as owner of policies or technical standards
Lead responder experience for regulatory examinations