Maintain and enhance the Information Security Policy Framework, ensuring alignment with regulatory requirements and industry standards (e.g., NIST, ISO, CIS).
Collaborate with stakeholders to ensure policies are understood, adopted, and enforced across the organization.
Implement and operationalize GRC platform; create and maintain automated workflows, associated processes, and related documentation.
Maintain the enterprise Information Security Risk Register and perform periodic and ad hoc risk assessments.
Monitor and report on meaningful metrics and reporting, including Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs).
Support risk treatment planning and execution, ensuring alignment with the organization’s risk appetite.
Perform third party risk assessments and ongoing oversight activities.
Facilitate security compliance framework assessments, control narrative creation, and evidence collection.
Conduct control testing, identify deficiencies, and drive remediation efforts.
Support the development and ongoing maintenance of an integrated control framework to assess and monitor compliance.
Promote a security-first mindset across the organization.
Contribute to the development and delivery of security awareness programs.

Requirements

Bachelor’s degree or equivalent experience; relevant certifications preferred (e.g., CBCP, MBCP, MBCI, FBCI)
3-6+ years’ experience in cybersecurity GRC and/or BC/DR roles, ideally within financial services.
Strong analytical and critical thinking skills and the ability to organize work in a logical, thorough, and succinct manner.
Highly self-motivated, results-orientated, and self-directed to handle multiple ongoing tasks.
Flexibility to adapt to changing assignments and ability to effectively prioritize.
Effective written and verbal English communication at all levels.
Demonstrated ability to operate and innovate in a small team with a fast‐paced environment, balancing both strategic and tactical needs.

Benefits

401(k) Plan with Employer Matching
Four Medical Plan options that is generously subsidized by Corient
Employer paid Dental, Vision & Life and AD&D Insurance
Employer paid Short-term & Long-term Disability
Paid Maternity & Parental Leave
Flexible Spending Accounts & Health Savings Accounts
Dependent Care FSA
Commuter & Transit FSA
Corporate Discount Program - Perkspot
Training Reimbursement
Paid Professional Designations
Giving back to the community - Volunteer days

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Information Security Policy FrameworkGRC platformautomated workflowsrisk assessmentsKey Risk Indicators (KRIs)Key Performance Indicators (KPIs)control testingsecurity compliance frameworkcontrol frameworksecurity awareness programs

Soft Skills

analytical skillscritical thinkingorganizational skillsself-motivatedresults-orientedflexibilityprioritizationwritten communicationverbal communicationteam collaboration

Certifications

CBCPMBCPMBCIFBCI