Manager, Information Security and Risk

POSITION SUMMARY
The Manager, Information Security and Risk will oversee the maintenance of new and existing security processes, tools, and standards for NMI. This role will ensure information, assets, and technologies are protected in compliance with privacy and customer-trust requirements and with the laws and regulations applicable to financial institutions by government regulators. The Manager will work with stakeholders throughout the organization to develop business cases for new security projects and to assess the risk of existing and planned information systems. This position will also be responsible for Information Technology Governance, Risk and Compliance (GRC) projects and external resources, and will have overall responsibility for National MI’s Business Continuity/Disaster Recovery (BC/DR) program.

JOB DUTIES & RESPONSIBILITIES

  • Participate in development and implementation of the appropriate and effective controls to mitigate identified threats and risks.
  • Responsible for staying current with the latest industry security practices, trends, and technologies. Subscribe to threat notification networks, new regulations, and information sharing networks to stay current on requirements and new threats to the industry.
  • Work with internal and external auditors and lender compliance assessors to document and confirm all security administrative duties are properly performed and report on overall compliance.
  • Manage formal and informal training programs for contractors and stakeholders throughout the organization.
  • Manage Information Security Risk-related projects as assigned, including the evaluation of any new applications and/or vendors for IT Risk Management adequacy.
  • Maintain all appropriate IT and IT compliance records as required by law and internal policies.
  • Manage BC/DR program to ensure alignment with company strategy and policies. Conduct resilience scenario testing such as tabletop, structured walk-through, simulation, and parallel tests; develop and maintain BC/DR plans and corporate emergency procedures; and provide periodic Business Impact Analysis with all business units as per best security practices.
  • Responsible for GRC including maintaining IT Governance Policies to align with regulatory, business and industry practices, managing external resources, and managing NMI’s GRC platform to support remediation tracking efforts.
  • Manage a large-scale outsourced IS and Risk team, including resourcing and output.
  • Maintain and track IT compliance with regulatory, business and industry practices including SOX, GLBA, and NYDFS.
  • Maintain risk register and review with management, as needed.
  • Perform IT security risk assessments, both qualitative and quantitative.
  • Ensure Information Security Risk Management Policy is followed, and all activities comply with this policy.
  • Provide ad hoc assistance, as needed.

SKILLS & KNOWLEDGE

  • Bachelor’s degree in computer science, a related field or equivalent work experience.
  • CISSP, CISM, CISA or equivalent in good standing is strongly preferred.
  • 6 or more years of progressive experience in information security or audit and compliance.
  • Two years of experience in management is preferred.
  • Knowledge of data compliance and privacy standards and regulations as they apply to insurance and banking industries.
  • Experience working with Risk, Security, or Audit frameworks (e.g., COBIT, COSO, ISO 27001/2, NIST 800-53, AICPA, BITS).
  • Understands the role security has within all aspects of the IT infrastructure.
  • Knowledge and understanding of current disaster recovery planning techniques and technologies, and methods used in performing risk analysis and business impact analysis.
  • Experience with developing IT Security policies, standards, and procedures.
  • Strong organizational, interpersonal, written and oral communications skills.
  • Excellent project and technical management skills.
  • Demonstrates strong analytical and troubleshooting skills.
  • Ability to manage external resources.
  • Self-motivated, self-directed, and attentive to detail while working with data.
  • Ability to effectively prioritize and execute tasks in a fast-paced, results-driven environment.
  • Strong customer service skills and values.
  • Works ethically and with integrity supporting organizational goals and values.
  • Maintains confidentiality of information and uses information appropriately.
  • Contributes to building a positive team spirit and treats others with respect.

Base Salary Range: $123,000 – $158,000/year

*Posted Base Salary Range applies to current posting and may change in the future. The posted Base Salary Range may vary based on key factors including, but not limited to, location, experience and skill set. Benefit eligibility includes healthcare, life and disability insurance, 401(k), monthly allowance, 20 days of PTO, 9 paid holidays, and bonus and equity potential. Additional benefit offerings may be found at https://www.nationalmi.com/career-benefits/.

National MI is an Equal Employment Opportunity employer and is committed to a diverse workforce. We value and actively seek to recruit, develop, and retain individuals with varied backgrounds and experiences reflecting the full diversity of the communities that we serve. It is the policy of National MI to comply with all applicable laws concerning the employment of persons with disabilities.

Job Category: Computer and IT
Job Type: unspecified
Salary: USD 123,000.00 - 158,000.00 per year
Country: United States
City: Emeryville
Career Level: unspecified
Company: National Mortgage Insurance Corporation
Job Source: https://nationalmic.applicantstack.com/x/detail/a21h5rxwx0n0