Governance, Risk and Compliance manager (Lead)

Posted 15 September 2022
Salary US$160000 - US$190000 per annum + +Stock
LocationNew York
Job type Permanent
DisciplineCyber Security
Reference0098_1663252703
Contact NameAshleigh-Jean Phipps

Job description

Broadgate have exclusively partnered with One of the world's fastest and largest growing Event ticketing market place who are heavily investing into their GRC and Security team this year! They are searching for a real self-starter to join and lead their GRC function as the GRC manager, where you will assist their world class team of information security experts to help create and align the current compliance capabilities and implement governance controls to effectively mitigate information risk and demonstrate information security best practices against sought after information security frameworks such as PCI DSS, HIPAA, GDPR ect.

They have doubled in size this year and are continuously expanding and growing so if you are a NYC based (or willing to relocate) InfoSec and GRC specialist with:

  • 4+ years of experience in Information Security Governance, Risk and Compliance
  • Prior experience fulfilling e-discovery requests and Microsoft's Purview Compliance Portal and toolset
  • Experience creating and updating company Risk policies, procedures, and standards.
  • Experience working with NIST CSF (or similar) security framework and PCI DSS** standards
  • CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Control) or CIPP (Certified Information Privacy Professional) certifications helpful, but not required
  • Operational experience in applying risk frameworks to technologies (including cloud and on-prem) and continuous processes (including DevOps) very helpful
  • Hands on experience with change management processes and internal IT Audits.
  • Ability to commute to the Manhattan office 3 days a week

Responsibilities:

  • Be a GRC authority and respond to any internal questions/requests
  • Conduct e-discovery searches as required by the Legal team
  • You will work with business teams across the company to help execute the Information Security, Governance, Risk & Compliance strategy, extending processes as necessary to help business partners identify information security risks and manage risks to an acceptable level
  • You will research, architect, and execute solutions that will advance risk monitoring & controls and preform control testing to ensure existing controls continue to be effective at reducing risk
  • You will advise on additional controls needed for the mitigation of risks in accordance with the Information Security Process, Risk & Controls framework, and in compliance with regulatory requirements and industry standards
  • You will track compliance to regulatory and industry standards, including Payment Card Industry Data Security Standard (PCI DSS)
  • You will proactively provide relevant inputs to the global risk framework based on the latest government and industry information regarding new threats and vulnerabilities and communicate relevant information to appropriate teams, soliciting action plans if needed.
  • You will monitor and manage the IT Security risk register to ensure that all IT Security risks are accurately represented and actively managed

Compensation:

  • Base salary of $140 000-$160 000 (Very much based on experience & Skill set)
  • Excellent Health, dental & Vision care
  • Hybrid working and wellness benefits.

To get all the details apply NOW or contact (LinkedIn: Ashleigh-Jean Phipps) for a confidential discussion.