Director of Cyber Risk, Governance & Compliance Technology

Director of Cyber Risk, Governance & Compliance Technology

The Director of Cyber Risk, Governance & Compliance Technology is generally autonomous in oversight and active management for a Technology program and/or practice area and most often reports directly to a Senior Director or Vice President.

• Hands‑on experience with federal government leadership in cyber security and enterprise risk.
• Drive efforts that align with Cyber’s strategy for high priority projects for the company.
• Develop and lead innovative, data‑driven approaches to strengthening security posture and drive effective cybersecurity risk management and due diligence approaches while supporting business imperatives.
• Manage and grow a dynamic team of people in the cybersecurity and risk domains.
• Establish relationships with information security and risk management teams, becoming a trusted adviser for cybersecurity risk, control and reporting challenges.
• Maintain a comprehensive understanding of the firm’s information security processes and controls, and consult process owners as new initiatives, risks, threats, control activities, and issues emerge.
• Align and implement enterprise cybersecurity requirements for the division by working with Enterprise Ops & Tech, and business stakeholders to analyze changes, assess impact, refine implementation approach, and establish compliance reporting.
• Lead engagements and presentations on top risks, trends and internal controls for senior department/divisional leadership, risk oversight, and cross‑business consumption.
• Demonstrate compliance with the following frameworks: NIST FISMA/FedRAMP, NIST CSF, CJIS, RegSCI and PCI‑DSS.
• Directly manage and/or influence separate teams focused on delivering high quality results within one or more major technology disciplines: strategy, software development, operations, engineering, development services, information security, and compliance.
• Focus on coordination with internal and external partners to deliver methods, procedures, practices, documents and results to increase reliability and usability of technology while optimizing costs and return on investment.
• Deliver results based upon FINRA annual goals, department goals and management requests.
• Direct and coordinate organization’s financial and budget activities to fund operations, maximize investments, and increase efficiency for a program, project and/or practice area.
• Provides leadership in technology best practices.
• Analyze information and evaluate results to choose the best solutions and solve problems.
• Support the evaluation of new technologies, techniques, and tools.
• Report status and issues to senior Technology management team.
• Work directly with outside vendors to negotiate services and product agreements.
• Serve as backup to more senior level management as needed.
• Develop constructive and cooperative working relationships with peers both within and outside of Technology, and maintain them over time.
• Contribute to the establishment, evolution and continued compliance with standard practices and processes within the disciplines.
• Assist with adherence to technology policies and comply with all security controls.
• Ensure all work products meet /exceed FINRA standards and risks are effectively managed.
• Participate in periodic Disaster Recovery (DR), Business Continuity Planning (BCP) and Sarbanes Oxley (SOX) testing and reporting.
• Resource Management.
• Identify and hire resource/skills needed within their organization.
• Responsible for staff performance management and training.
• Coordinate assignment of subordinate staff.
• Demonstration of FINRA’s values.
• Collaboration, both in‑person and virtually, in furtherance of FINRA’s mission of investor protection and market integrity.

• Bachelor’s degree in Computer Science, Information Systems or related discipline with at least ten (10) years of related experience, or equivalent training and / or work experience;
  Master’s degree and past Financial Services industry experience preferred.
• Minimum of 5 years of technical project, program and / or practice area oversight.
• Past experience influencing decisions and building conscience…