Manager - Risk & Compliance - Diverse Linx

Roles & Responsibilities:

- Support Client audit teams by coordinating for collection and timely submission of evidence for security assurance and compliance reporting.

- Track issues/finding and follow workflow for sign-off/approval for issues, remediation plans, and exceptions.

- Good Understanding of compliance and regulatory requirements such as SOX, PCI, SOC2 attestation

- Working knowledge of ISO 27001/ NIST framework

- Should have exposure to Cyber Security Audit programs.

- Understand the ITGC controls objectives, co-ordinate, collect, evaluate before submission of evidence/artifacts to internal and external auditor(s).

- Tracking and timely reporting of Issue/ findings and exceptions

- Plan and Initiate risk assessment with service/ application owners

- Conduct Security risk assessment on application and services

- Analyze and redress the causes and risk factors of known security gaps in a Customer s technology infrastructures

- Document detailed findings & recommendations

- Risk prioritization and record the gaps in the ServiceNow tool

- Draft and finalize the risk assessment report and closing assessment in the tool

Qualifications

- Stellar documentation, requirements definition experience.

- Superb communication skills (elicit requirements, interviews).

- Self-motivated, ability to initiate and take action with minimal supervision.

- Ability to document complex processes, technical information.

- Previous experience or understanding of NYDFS regulation, security governance knowledge preferred (just to understand the concepts not looking for someone necessarily that has NEW NYDFS reg experience).

- US Eastern or Central time zones (would say ideally candidate would be onshore in the US but as long as they have other skills and can meet requirements).

- Persistence.