Information Security Officer, Director
280 Park Ave Fl 10 New York City, NY 10017 US
Job Description
 Asset Management company with 400 employees in 6 offices worldwide is looking to add a well-rounded Information Security Officer to the team, reporting directly to the Chief Information Security Officer. The Information Security Officer will function within the IT team and will work closely with the IT Infrastructure and Operations team on all security-related tasks. Committed to an inclusive culture, valuing diversity in support of our people and clients.
Major Responsibilities/Activities:
- Maintain all security-related documentation, including security policies and procedures
- Review vulnerability scans and coordinate remediations with the IT Infrastructure and Operations Teams
- Be a central incident response coordinator and forensic investigator for IT and security incidents
- Implement new security projects and initiatives and maintain existing security solutions
- Coordinate firewall rules, changes, and configuration updates with Network Engineering team
- Review SIEM logs and alerts and coordinate responses with managed service provider
- Work with the IT Infrastructure and Operations team on Patch Management, Identity & Access Management, Penetration Testing, and Change Management
- Perform IT vendor due-diligence and risk assessments for new and existing vendors
- Coordinate security training, including annual training, new-hire training, phishing tests, social engineering, table-top exercises, and other security-awareness training
- Coordinate IT audit requests for Sarbanes-Oxley, SSAE-18, and financial regulatory audits
- Assist with security and DR/BC questions for client RFPs
- Prepare periodic security KPI reports
- Function as a Subject Matter Experts to the company on all security-related matters
Minimum Requirements:
- A Bachelor’s degree is required
- Minimum 5 years of experience in information security, cybersecurity, security architecture, and/or risk assessment is required
- Experience with Incident Management, Vulnerability Scanning, and Identity & Access Management
- Experience with firewall configurations and SIEM security solutions
- Knowledge of information security risk assessment is required
- Security certifications, such as CISSP, CISM, CISA, and/or CRISC
- Experience with the ISO 27001 security framework
- Experience with the usage of vulnerability scanning tools (Nexpose, Metasploit, Kerberoast etc.,) is desirable
- Knowledge of security frameworks such as MITRE ATT&CK is desirable
- Exceptional verbal and written communication and project management skills are required
- Team-player with a high degree of professionalism, efficiency, and analytical skills
- Experience working for a financial company is preferred, but not required
- Demonstrates inclusive behaviors in support of a culture that values diverse perspectives
Meet Your Recruiter
Cara Partovich
VP of Recruiting
A graduate from Penn State where she received her degree in Communications and Business. She has been with TPG since February 2016, and got into recruiting as she has always been intrigued by it. When she is not in the office you can find her hanging in the city or traveling with her husband, baby girl and dog.