200+ applicants

Company

Original Job Post

Zip Co · 2 days ago

Manager, Cyber-Security Governance, Risk and Compliance

New York, NY

Full-time

Remote

Director

$161K/yr - $194K/yr

10+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

FinanceFinancial Services

H1B Sponsorship

Insider Connection @Zip Co

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Developing Robust Risk Assessment Frameworks: Create and implement advanced risk assessment models to identify and mitigate emerging cyber threats specific to the financial services industry.

Ensuring Compliance with Evolving Regulations: Navigate complex regulatory environments by ensuring continuous compliance with evolving laws and standards such as GDPR, PCI DSS, and SOX.

Enhancing Incident Response and Management: Design and optimize incident response plans to effectively handle data breaches and cyber attacks, minimizing downtime and financial loss.

Implementing Cutting-Edge Security Technologies: Integrate and manage state-of-the-art security technologies and tools to protect sensitive financial data and customer information.

Conducting Comprehensive Security Audits: Lead thorough internal and external security audits to uncover vulnerabilities, ensuring the company’s infrastructure meets the highest security standards.

Fostering a Security-Aware Culture: Develop and deliver training programs to promote a culture of security awareness among employees, reducing the risk of human error and insider threats.

Optimizing Data Privacy Practices: Implement and refine data privacy practices to safeguard customer information, ensuring the company’s data handling processes are transparent and secure.

Managing Third-Party Risks: Assess and manage risks associated with third-party vendors and partners, ensuring they adhere to the company’s security and compliance standards.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Governance risk compliance (GRC)Cyber securityFinancial servicesRisk assessmentsCompliance auditsCISACISSPCISMRegulatory requirementsGDPRPCI DSSSOXISO 27001SOC2NISTSecurity technologiesSIEMDLPIAMRisk assessment methodologiesProject managementTraining programsEmerging threatsResource managementProblem-solvingInterpersonal skillsCommunicationLeadershipAttention to detail

Required

Bachelor’s Degree in Computer Science, Information Technology, Cyber Security, or a related field is required. A Master’s Degree in Cyber Security, Risk Management, or Business Administration is preferred.

10+ years of experience in governance, risk, and compliance (GRC) within the cyber security domain is essential.

Experience working for a U.S. financial regulator, Treasury Department, Federal Reserve Bank or a Public Auditor.

Proven track record of developing and implementing GRC frameworks in a financial services environment.

Demonstrated experience in conducting risk assessments and managing compliance audits.

A Certified Information Systems Auditor (CISA) is required. Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) is preferred.

Proficiency in risk assessment methodologies and tools.

In-depth knowledge of regulatory requirements and standards (e.g., GDPR, PCI DSS, SOX, ISO 27001, SOC2, NIST).

Experience with security technologies and solutions (e.g., SIEM, DLP, IAM).

Strong interpersonal skills with the ability to build relationships and collaborate effectively across departments, including IT, legal, finance, and operations.

Excellent communication skills with the ability to convey complex security concepts to non-technical stakeholders clearly and concisely.

Proven ability to lead cross-functional teams and manage multiple projects simultaneously.

Experience in developing and delivering training programs to enhance security awareness and promote a culture of compliance.

Analytical and problem-solving skills to identify and address GRC challenges proactively.

Attention to detail and a high degree of accuracy in work.

Project management skills to plan, execute, and monitor GRC initiatives.

Ability to stay current with emerging threats and industry trends to continuously improve the organization’s GRC posture.

Experience in managing resources within GRC functions to optimize performance and ensure effective risk and compliance management.

Preferred

A Master’s Degree in Cyber Security, Risk Management, or Business Administration is preferred.

Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) is preferred.

Benefits

Flexible working culture

Incentive programs

20 days PTO every year

Generous paid parental leave

Leading family support policies

100% employer covered insurance

Beautiful Union Square office with a casual dress code

Learning and wellness subscription stipend

Company-sponsored 401k match

Company

Zip Co

Glassdoor

3.4

Zip Co Limited (ASX: ZIP) is a digital financial services company, offering innovative, people-centred products that bring customers and merchants together.

Founded in 2013

Sydney, New South Wales, AUS

1,001-5,000 employees

https://zip.co

H1B Sponsorship

Zip Co has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Trends of Total Sponsorships

2023 (4)

2022 (1)

2021 (3)