Sr. Manager, Information Security - Regulatory & Examination

* Ensure overall CSO organization regulatory reporting dashboard is delivered
* Monitor relevant laws, regulations and standards to ensure organization’s security practices align with regulatory requirements.  Create and distribute monthly regulatory development update reporting.
* Assist with creation of materials for Annual Cyber Security Board Review and Quarterly Board Risk Committee Meetings
* Creation of materials for various reporting committees and forums, including weekly status
* Creation of materials for various reporting committees and forums, including weekly reports, business unit reviews and horizontal reviews
* Build strong relationships with internal and external partners, seen by them as a trusted partner
* Complete ad hoc and urgent requests from internal and external partners, and recommend new controls to reduce risks
* Work closely with US TI&I Risk & Controls Team, Regulatory Affairs, Operational Risk Management (ORM) and Internal Audit as required.
* Teamwork and Relationship Building – Foster collaborative relationships with a wide range of stakeholders to identify opportunities to enhance Information Security processes and controls, understand pain-points and priorities, influence direction, solve problems, and ensure successful adoption and operation of policies and standards.
* Will be required to foster relationships with middle to senior management, and senior executives across a range of functions including Risk Management and Technology.
* Share governance best practices, based on regulatory and audit observations and feedback identified
* Provides ongoing advice and direction on a variety of complex conceptual or interpretative issues
* Perform regulatory controls as assigned control performer
* Implement continuous improvement areas
* Create and maintain procedural documentation
* ** KNOWLEDGE AND SKILLS
*** 10 years in Information Security, IT Risk Management, regulatory compliance or audit functions, within a US or Canadian bank (preferably at least 5 years in a leadership role)
* Deep knowledge of key information security domains including network security, IAM, data protection, vulnerability management, application security, etc.
* Awareness of emerging technologies and risks
* Proven track record of managing banking regulatory examinations (e.g. FRB) and state specific oversight (e.g. NYDFS)
* Demonstrated experience with FFIEC IT/Cyber Exam Handbook and GLBA Safeguards rule compliance.
* Strong understanding of control frameworks (e.g. NIST CSF)
* Ability to identify regulatory themes, assess control effectiveness and spot emerging gaps
* Hands on experience preparing and delivering materials for regulatory agencies  and internal/external auditors.
* Skilled in exam logistics
* Ability to determine and draft  formal regulatory responses to information security issues which are clear, defensible and aligned with the overall risk posture
* Experienced influencing and presenting to sr. leadership, boards and regulators
* Exceptional written and verbal communication skills, with the ability to translate technical requirements into clear actionable language for regulators and executives.
* Strong interpersonal skills to influence without direct authority
* Experience with GRC platforms (e.g. Metric Stream,One Trust, Archer)
* Certified professional with current Industry recognized certifications such as CISSP, CISM, CISA
* You see the big picture and operate strategically
* You act like an owner. You are action oriented, thriving when you're empowered to take initiative, go above and beyond, and deliver results.
* You have a passion for excellence, holding yourself and others accountable.
* You know that details matter. You notice and question things that others don’t. Your critical thinking skills help to inform your decision-making.
* You are a strong communicator, verbally and in writing, with the ability to flex to needs of executives and team members within and outside of US Information Security.
* You’re goal-oriented. You’re motivated by accomplishing individual and team based goals and consistently delivering your best to make a difference.
* You are a curious learner, staying…