This role involves leading efforts to ensure compliance with relevant regulations and the effectiveness of information security controls within the US Region Information Security department. Key responsibilities include monitoring laws and standards (e.g., NY-DFS, GLBA, FFIEC), acting as a primary contact for regulatory bodies during audits, and managing information security controls, including conducting Risk and Control Self-Assessments (RCSA). The director will also be responsible for leadership, fostering relationships, and contributing to strategic team goals.
Monitor relevant laws, regulations, and standards to ensure security practices align with regulatory requirements.
Own regulatory compliance programs such as NY-DFS, GLBA, and FFIEC assessments.
Serve as primary point of contact for regulatory bodies during audits.
Create materials for and participate in regulatory exams and quarterly briefings to regulators.
Develop responses and drive resolution of Issues, Deficiencies, Matters Requiring Attention (MRAs), and Supervisory Recommendations (SRs) assigned to US Region Information Security.
Work closely with US TI&I Risk & Controls Team, Regulatory Affairs, Operational Risk Management (ORM), and Internal Audit.
Assist with creation of materials for Annual Cyber Security Board Review and Quarterly Board Risk Committee Meetings.
Conduct Risk and Control Self-Assessment (RCSA) for Information Security and provide input into RCSA for all other lines of business.
Map controls to industry frameworks (e.g., NIST, PCI, MITRE).
Work closely with controls testing teams.
Drive remediation of ineffective controls owned by the US and provide oversight of control effectiveness for enterprise controls impacting the US.
Act as secretary for the Cyber Security Controls Oversight Council.
Recruit and hire Information Security professionals.
Provide ongoing advice and direction on complex conceptual or interpretative issues.
Establish and leverage peer relationships within the US Region and Parent bank organizations.
Foster relationships with middle to senior management and senior executives across Risk Management and Technology functions.
Experience at a financial institution of similar scope and scale with direct experience working with regulators and regulatory compliance programs.
Advanced knowledge of applicable US laws and regulations as they relate to Information Security and the effective management of Information Security Risks (an asset).
Caring and accountable leader.
Experience developing and implementing strategic team goals.
Experience coaching employees and inspiring successful team performance.
Strong critical thinking skills.
Ability to notice details.
40 hours/week
Does not offer visa sponsorship.
CIBC is a leading North American financial institution with 14 million personal banking, business, public sector, and institutional clients. It offers a full range of advice, solutions, and services through its leading digital banking network and locations across Canada, the U.S., and around the world.