Marathon Asset Management · 1 day ago
Head of Cyber Security & Technology Risk Management (Information Technology) - Vice President
New York, NY
Full-time
Onsite
Senior Level, Lead/Staff
$150K/yr - $200K/yr
10+ years expMarathon Asset Management is a leading global asset manager specializing in public and private credit. They are seeking an accomplished Cyber Security leader to oversee the design and implementation of the firm's cyber security program and manage technology risk.
Emerging MarketsFinanceReal Estate
Responsibilities
Reporting to the CTO, the Head of Cyber Security & Technology Risk Management Leader strategizes and oversees the design, implementation, operational maintenance, and advancement of firm-wide cyber security program, processes, products, and solutions
Leads the allocated resources, Managed Service Providers and external solution partners in the Cyber Security function, guiding strategic enhancements and technical execution to maintain operational stability, improve cyber defense posture and manage the firm-level cyber risk at the desired levels
Be part of a diverse, cross-functional team that collaborates globally across the firm with a variety of internal functions from service desk to system architects, developers, infrastructure engineers, business stakeholders and Compliance, to measure, assess, and manage the cyber risks and threats relevant to the firm’s operations, data, and business continuity
This role requires a hands-on leader who can both develop and manage a comprehensive cybersecurity and technology risk management program and has direct experience building security infrastructure
Own, develop, implement, and maintain the IT Risk Management / cybersecurity program (strategies, policies, and controls) throughout the firm to ensure the security of the firm’s digital assets including systems and data
Lead, mentor, and manage a team of external resources to deliver the strategic and operational goals of the cybersecurity program
Oversee vulnerability assessments, penetration testing, incident triage, and forensic analysis, ensuring robust threat detection and effective incident response
Drive the technical execution of security projects across the entire lifecycle, including roadmap planning, KPI monitoring, and program delivery
Communicate security posture, risks, and incidents clearly to technical and non-technical stakeholders
Collaborate with Compliance, Legal, IT, and various business teams on risk governance, control selection, and the integration of security with organizational objectives
Demonstrate SME level knowledge and stay current with emerging threats, industry trends, frameworks (e.g., NIST, ISO 27001), and best practices, adapting the team’s approach as needed
Manage security operations (e.g., SOC) and oversee the configuration, performance, and maturity of monitoring platforms, security tools, and operational procedures
Conduct or participate in the budget planning, vendor negotiations, and third-party security reviews, aligning spend and contract requirements with security risk reduction goals
Manage the cybersecurity awareness program and constantly work on new ways of improving employee awareness based on current and emerging threats
Perform periodic technology risk assessments and present findings to the senior leadership. Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the cyber security program
Update the incident response plan and corresponding playbooks as appropriate. Lead incident response tabletop exercises by partnering with all the required stakeholders
Qualification
Required
At least 10+ years of proven experience leading cross-functional cybersecurity teams and delivering security strategies and programs at scale
Advanced understanding of cybersecurity frameworks (e.g., CIS, NIST, ISO and others), regulatory guidelines, and technical security standards
Demonstrated ability to communicate, influence, and build consensus with senior leadership and peers
Expertise in incident response, threat intelligence, vulnerability management, network and endpoint security, and security architecture
Excellent analytical, problem-solving, and decision-making skills with a proactive, results-oriented approach
Strong financial acumen in managing budgets, negotiating contracts, and measuring risk reduction ROI
Experience with security tools (e.g., SIEM, IDS/IPS, firewalls), scripting and automation (Python, PowerShell), and cloud security platforms is highly desirable
Track record of building and developing a strong security culture and facilitating employee training and awareness programs
Preferred
Professional security management certification such as CISSP, CCSP, CRISC, CASP+, CISM, and/or CISA
Hands-on experience in cloud infrastructure security with Microsoft Azure and O365
Financial industry experience, especially in the Asset Management sector
Hybrid infrastructure experience
Company
Marathon Asset Management
Marathon Asset Management LP is a global alternative investment and asset management company with approximately $11 billion in capital
51-200 employees
H1B Sponsorship
Marathon Asset Management has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2024 (1)
2023 (4)
2022 (1)
2021 (1)
2020 (5)
Funding
Current Stage
Growth StageTotal Funding
unknown2016-06-22Private Equity
Leadership Team
Scot Pasquale
Chief Financial Officer
Jamie Raboy
Chief Operating Officer, Chief Risk Officer
Recent News
2025-12-15
GlobeNewswire
2025-12-05
Company data provided by crunchbase