logo

View all jobs

Senior Security Compliance Specialist

New York, NY



Support the Firm in ensuring we continuously set a high bar for security compliance across our domestic and international office locations. This role reports to the Information Security Directors in leading our global information security operations.  Lead the team in completing client security assessments, updating policies, performing evidence gathering and ensuring technology artifacts are current. You will be responsible for assessing information risk and facilitating remediation of identified issues.  Success in this position is exhibited by collaborating with our information security team, information technology engineers and partners to detect, investigate and resolve suspected security events and to drive new IT security initiatives to improve our security posture.   

ESSENTIAL DUTIES AND RESPONSIBILITIES
  • Conduct, review and respond to client security questionnaires, audits, client assessments.
  • Evaluate our information security policies in contrast with client security frameworks.
  • Ensure our cyber risk and audit findings are communicated, managed and remediated.
  • Perform risk analysis with IT leadership and department owners to identify potential gaps.
  • Perform regular reviews of our company security policies and procedures, updating them to meet new security guidelines, client requirements and company strategy.
  • Interact with external auditors to maintain our ISO 27001 certification and compliancy in all our offices world-wide
  • Maintain our Third Party Risk Management program
  • Experiencing with working in cloud environment (i.e., Microsoft Azure/M365) to help identify and remediate informational risks.

QUALIFICATIONS
  • Strong knowledge of security frameworks to include NIST and ISO 27001
  • Third Party Risk Management experience
  • Experience in security of cloud services (i.e., Microsoft Azure/M365), infrastructure, end-point, networks and identity.
  • Recommend and implement solutions which can strengthen our internal and cloud security posture.
  • Experience with client assessments and conducting business impact and risk based analysis
  • Progressive experience in IT  maintaining security solutions for M365
  • Ability to multitask and/or pivot quickly based on business priorities
  • Self-starter and ability to work independently with excellent written and verbal communications skills
  • Must be passionate about security and strive to ensure the Firm is protected against evolving cyber threats
  • Knowledge of risk assessment methodologies and technologies
  • Willingness to travel

EDUCATION/CERTIFICATIONS
  • A college degree (BA/BS) or equivalent work experience.
  • Certification(s) in Security/Audit/Compliance is a plus.
  • Progressive experience in an IT security Role.


 
Powered by