Information Security Program Manager

Description: GENERAL SUMMARY: The Information Security Program Manager participates in all aspects of information security systems program (ISSP) including the maintenance of security policies, requirements, processes and associated reviews. The candidate will focus on information security and technology activities to identify, assess, control, and manage cyber risk throughout Rosenthal Collins Group (RCG). PRINCIPLE DUTIES AND RESPONSIBILITIES: 1. Ensure that our Information Security Systems Program (ISSP) meets all industry regulations, standards, and compliance requirements. 2. Structure and maintain the ISSP to be long term, so ultimately we are not changing just behaviors but creating a secure culture 3. Create a metrics framework that can effectively measure and communicate the impact of the program 4. Act as the conduit to senior leadership on security risks and mitigation alternatives. 5. Establish strong relationships with department managers, teaching, advising and mentoring in relation to security principles, policies and practices. 6. Conduct evaluations of technology procedures and processes to assess effectiveness of controls as well as to ensure alignment with business objectives and security requirements. 7. Focus on information security and technology activities to identify, assess, control, and manage cyber risk throughout the company 8. Will work closely with members of the technology, operational and compliance teams as it relates to the assessment of new and evolving threats, as well as emerging and core technologies that support key processes. 9. With the support of the Operation & Steering Group members, the ISPM will be empowered for the effective execution of support activities related to the ISSP Requirements: Skills: Brings broad experience as well as, a strong understanding of security concepts. Ability to communicate complex messages in a simple, clear and concise manner within our organization. Communicates tough issues to stakeholders and keeps an independent opinion. Brings broad experience as well as, a strong understanding of security concepts. Providing management support in the form of organization, directing and coordinating, planning and execution of all support activities. Must be able to demonstrate business, technical and industry knowledge while assessing business risks, identifying key controls, and performing risk-based testing of technology controls. Have a positive, outgoing personality that loves working with and ultimately helping others. Certifications highly preferred are the CRISC or CGRC Experience: Possess a minimum of 4 years of continuous experience in the field of cyber-security logistics support and/or management Sufficient experience in effectively communicating with higher level personnel in order to interface with all levels of management Experience in the financial, futures or brokerage industry as well as program management experience, business analysis, and strategic planning skills are highly preferred. Experience in or comfortable with getting in front of groups of people and presenting. Education: Bachelor’s Degree or equivalent work experience required with a higher education degree preferred.