Director Information Security – Cyber GRC Job at Cenlar FSB
Start something good. Empower your career. Become an employee owner at Cenlar.
Employee owners have made Cenlar the nation’s leading mortgage loan subservicer. Our unique culture is defined by our core values of respect, trust, integrity and care. Company ownership, a promote-from-within philosophy, and opportunities for continuous professional growth make Cenlar a great place to launch or boost your career. Consider this opportunity to join our team as Director Information Security – Cyber GRC.
This Director of Information Security role leads the Corporate Security Office (CSO) Governance, Risk, and Compliance (GRC) efforts. In this role, the Director InfoSec-GRC will report to the Chief Information Security Officer with visibility and accountability to our senior and executive leadership teams, as well as our clients and regulators. This role interacts directly with CSO Leadership and collaborates with a wide range of stakeholders across the enterprise, including CSO, Cybersecurity, and Information Technology, and with cross-functional teams, including the Cenlar Controls Office, L2 functions within Enterprise Risk Management, as well as with leadership of Internal Audit, Compliance, Legal, and business operations.
This Director InfoSec – Cyber GRC is critical to our Bank and adds value for our executives, clients, and regulators. The Director InfoSec – Cyber GRC, with the support of Senior Leaders, Directors and Engineers, will direct GRC compliance initiatives and execution of audits surrounding Cenlar’s Information Security Program. This role is involved with various compliance-related projects, including coordination and support of audit and examination execution, risk- and controls-related data analytics, targeted risk assessment activities, issues management, coordination of Risk Control Self-Assessment (RCSA) efforts, process mapping and improvements, and risk and controls framework mapping. Cenlar relies heavily on leadership expertise and anticipates a high degree of professionalism to deliver the highest quality of professional service that Cenlar clients and the Bank both require and expect. The Director InfoSec-GRC is responsible for leading, performing, and reviewing the work on assigned engagements and, as needed, will be the liaison between the CSO, Bank staff, and key stakeholders.
Responsibilities:
- Leads and supports CSO engagement in the performance of all facets of audits and examinations, including SOC1 and/or SOC2 engagements and OCC regulator examinations or supervisory reviews: conducts resource planning for audit programs or examination requests, and assists in audit execution, team management, and quality and end deliverable(s) review
- Performs extensive MS-Excel analysis as part of engagements, risk and control mapping, and other services
- Manages InfoSec – Cyber GRC-related KPIs and metrics
- Interacts with cross-functional teams and manages multiple projects simultaneously, including deadlines and, as needed, budgets
- Prepares and reviews all CSO deliverables: report responses, security and compliance framework mappings, remediation evidence efforts, and strategic roadmap documentation
- Supports planning to mature Cenlar’s Information Security Program aligned to regulatory frameworks and best practice recommendations
- Demonstrates solid understanding of Cenlar’s business, technologies and related risks and controls.
- Maintains technical and practical knowledge about the Mortgage Servicing and Subservicing industry; brings knowledge to the execution and oversight of audits and examinations
- Leads and mentors all levels of staff: assists with performance reviews, contributes to performance feedback and training, develops and communicates workplace culture and code of conduct
- Supports the recruiting, development and mentoring of a talented team of professionals, to help bring growth to the Cenlar Security Program and Cenlar’s business
- Develops and maintains strong strategic relationships with clients and key industry contacts
- Identifies opportunities for service methodologies or work processes to support Cenlar teams and clients
- Assists in development and implementation of policies, procedures, standards, and guidelines to support CSO Security Program priorities
Qualifications:
- Bachelor’s degree or equivalent work experience
- Master’s degree and/or professional information security certifications (e.g. CISA, CISM, CISSP) preferred
- Azure certification preferred (Microsoft Certified: Azure Security Engineer Associate)
- Direct MS-Azure cloud security governance implementation experience
- Minimum 5-7+ years of experience in Compliance and/or IT Auditing, with at least 6 years overall audit or data analytics experience
- Ability to interact with a broad cross-section of personnel to explain and enforce security measures
- Excellent organizational skills and effective listening, communication, and presentation skills to present complex topics to senior management in a persuasive manner
- Experience with SOC1 and SOC2 protocols; federal, state and international privacy regulations; frameworks such as ISO/IEC 27001, ISO/IEC 27002, NIST, PCI DSS, GLBA, and the FFIEC IT Examination Handbook; and other pertinent compliance regulations and/or guidance preferred
- A former member of an assurance or consulting team from one of the Big 4 firms is a plus
- Deep understanding of technology and compliance in the context of GRC in the financial services industry
- Proven ability to influence and resolve issues with senior leaders and clients; strong negotiation skills are desirable
- Hard-working and detail-oriented, with the ability to motivate teams
- Self-driven, highly motivated, and able to work well independently and in a team environment
- Proven experience with building strong relationships and instilling trust with clients and internal teams
- Strategic thinker with ability to make prudent business decisions
- Strong communication skills: ability to articulate verbally and in writing
- Ability to work effectively across multiple clients and teams, geographies, and time zones to achieve common goals
- Ability to own and strengthen client relationships to generate additional engagement opportunities through excellent quality, timely execution, and strategic approach to service delivery
- Proficient in the use of Microsoft Office Suite with strong MS-Excel skills
- Must have knowledge of government and regulatory agencies’ policies/procedures/guidance from a security and audit perspective
- Banking and/or mortgage servicing understanding and knowledge to inform the security approaches that will support the operational processes is a plus
Total Rewards:
As an employee-owner at Cenlar, you’ll receive an outstanding benefits package that includes paid medical, dental, and life insurance, 401(k), and tuition assistance as well as opportunities for training and professional advancement.
Cenlar is a drug-free workplace and an equal employment opportunity/affirmative action employer M/F/D/V/SO.