Director, Cyber and Information Risk - Independent Risk Review Lead jobs in United States
cer-icon
Apply on Employer Site
company-logo

CLS Group · 15 hours ago

Director, Cyber and Information Risk - Independent Risk Review Lead

positionIselin, New Jersey, United States
timeFull-time
remoteHybrid
seniorityMid, Senior Level
money$180K/yr - $210K/yr
date7+ years exp

CLS is the trusted party at the centre of the global FX ecosystem, and they are seeking a Director for Cyber and Information Risk to lead independent reviews of their Information Security and Data Management programs. The role involves assessing the effectiveness of these programs and providing oversight on risk remediation efforts within the organization.

Data ManagementFinancial ServicesRisk Management

Responsibilities

Assist the Head of Technology and Information Risk Management and Head of Enterprise Risk and Operational Risk Management in driving the culture of engagement, teamwork and accountability
Lead horizontal reviews of top information security and data management risks, identifying gaps in control coverage and recommending control improvements to address identified gaps
Complete thematic reviews of information security and data management operational risk events and associated proposed actions to propose control enhancements that reduce risk of recurrence
Work with the Information Security and Data Management teams to review control capabilities against industry standards and lead efforts to strengthen the control environment in line with the evolving threat landscape
Review and challenge actions to address gaps, monitor progress of actions, and validate sufficiency of closure evidence
Prepare status reports as needed and present to Technology Leadership, Audit, and regulatory bodies as required
Review and challenge the sufficiency of planned actions to address identified problems, provide stated benefits, and meet regulatory expectations
Review and monitor the progress of actions and validate sufficiency of closure evidence
Prepare status reports as needed and present to Technology Leadership, Audit, and regulatory bodies as required
Actively present to various committees and forums to keep management educated on status of independent reviews, challenges to risk remediation efforts, and progress on control improvements
Be a respected point of contact to stakeholders across the business and technology functions in providing credible operational risk coverage for information security and data management risk
Review and challenge relevant policies, standards, and procedures related to CLS information security and data management processes
Provide guidance and support to junior members of the team
Interact with and / present to the Federal Reserve Bank of New York in regular continuous monitoring meetings
Ability to influence and gain credibility with the business

Qualification

Information Security GovernanceData Management RiskRisk Management FrameworksCyber ResilienceIncident ResponseCloud SecurityThird-party Risk ManagementNetwork SecurityData GovernanceCISSPCISMCISACRISCMS PowerPointMS ExcelMS Office SuiteEnterprise GRC Tools

Required

7+ years of experience building, maintaining, and managing information security and data management risk governance, operations, and risk management functions
Broad-based technology experience at substantial scale and complexity in a global, highly regulated, high-volume transaction environment. Experience must include time operating within transaction services environments characterized by the need for continuous availability and the highest levels of security
Experienced developing and managing Enterprise and Operational Risk programs related to information security and data management, including implementing risk and control frameworks in accordance with best practices and Basel requirements
Experienced leading in a complex matrixed organization, ideally in a global firm with a dynamic and rapidly changing environment
Experienced leading within a highly regulated environment, with a preference for experience at the international and federal levels
Deep knowledge of information security and data management risk and control frameworks and a strong understanding of related policies, procedures, guidelines, and structure
Functional expertise, with operational knowledge of and exposure to various current and emerging information security and data management areas such as: Cyber resilience, Identity & privileged access management, Secure coding practices, Cloud security configuration and control frameworks, Artificial Intelligence, Third-party risk management, Incident response, Threat/vulnerability management, Network security, Data governance, Data quality, Data architecture/lineage
B.S. in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent). M.S. desired
Relevant certification is desirable, e.g., CISSP, CISM, CISA, CRISC
Working knowledge of information security and data management life cycles based on an established framework: CRI, NIST CSF, NIST SP 800-53, ORX, ISO 27001, SANS, CERT, ENISA, CSA, OACA, ISACA, DAMA-DMBOK
Proficiency in MS PowerPoint and Excel

Preferred

Experience in broader MS Office suite, including Project and Visio is a plus
Experience with enterprise GRC tools, e.g. Archer is a plus

Benefits

Holiday - UK/Asia: 25 holiday days and 3 ‘life days’ (in addition to bank holidays). US: 23 holiday days.
2 paid volunteer days so that you can actively support causes within your community that are important to you.
Generous parental leave policies to ensure you can enjoy valuable time with your family.
Parental transition coaching programmes and support services.
Wellbeing and mental health support resources to ensure you are looking after yourself, and able to support others.
Employee Networks (including our Women’s Forum, Black Employee Network and Pride Network) in support of our organisational commitment to embrace and always be learning more about inclusivity.
Hybrid working to promote a healthy work/life balance, enabling employees to work collaboratively in the office when needed and work from home when they don’t.
Active support of flexible working for all employees where possible.
Monthly ‘Heads Down Days’ with no meetings across the whole company.
Generous non-contributory pension provision for UK/Asia employees, and 401K match from CLS for US employees.
Private medical insurance and dental coverage.
Social events that give you opportunities to meet new people and broaden your network across the organisation.
Annual flu vaccinations.
Discounts and savings and cashback across a wide range of categories including health and retail for UK employees.
Discounted Gym membership – Complete Body Gym Discount/Sweat equity program for US employees.
All employees have access to Discover – our comprehensive learning platform with 1000+ courses from LinkedIn Learning.
Access to frequent development sessions on a number of topics to help you be successful and develop your career at CLS.

Company

CLS Group

twittertwittertwitter
company-logo
CLS Group provides settlement, processing, and data solutions that reduce risk and deliver efficiency.
dateFounded in 2002
location
London, England, GBR
people-size501-1000 employees
web-link
https://www.cls-group.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Marc Bayle de Jessé
Chief Executive Officer
linkedin
leader-logo
Ash O.
HR Business Partner
linkedin

Recent News

FX News Group
CLS welcomes RCBC as third-party participant in CLSSettlement
2025-12-11
FX News Group
Banco Monex goes live on CLSNet
2025-10-15
FX News Group
U.S. Bank National Association joins CLSSettlement as settlement member
2025-09-18
Company data provided by crunchbase