Director of Information Security – GRC


This is a Full-time position in New York, NY posted August 27, 2021.

At MetaBank, we take tremendous pride in our mission to create financial inclusion for all.

We are the leader in providing innovative financial solutions for people who have been seemingly overlooked by traditional financial institutions.

Our goal is to bring tangible solutions that help people develop a plan, gain access to financial systems, establish liquidity, and get practical, systemic assistance to stay on track.

We operate in several different financial sectors including payments, commercial finance, tax services, and consumer lending.

We are in the business of providing services that change lives, and we are confident that MetaBank will be the most rewarding work of your career.

The ideal candidate will be a highly motivated self-starter who thrives in ambiguity, loves variety, moves with a high sense of urgency, and is creative and flexible in an ever-changing environment.

Your work will be highly visible and impactful, so you will need to bring passion for our mission and live our Humble, Hungry, and Smart values daily.

Humble – You lack excessive ego or concerns about status.

You’re quick to point out the contributions of others and slow to seek attention for your own.

You share credit, emphasize team over self, and define success collectively rather than individually.

Hungry – You are always looking for more…more things to do, more things to learn and more responsibility to take on.

You’re self-motivated, diligent, and are consistently thinking about the next step and the next opportunity.

Smart – Simply stated, smart refers to your common sense about people.

You’re inter-personally appropriate and aware.

You have good judgement and intuition around the subtleties of group dynamics and the impact of your words and actions.

About the Role: MetaBank is seeking a cyber security expert to assist its EISO with the Bank’s strategic GRC initiatives and information security projects.

We are seeking a multifaceted security leader who can perform the fundamental roles of a GRC director, which include but are not limited to creating and leading projects that enhance the information security team's governance program, taking part in the management of the bank's technical risks, and overseeing the bank's compliance with industry regulations.

As a pivotal member of the Information Security team, this individual will work closely with the EISO as well as large stakeholders across the Bank in order to enable a better understanding of large-scale cyber security, governance and compliance issues.

What you will do: Assist the EISO in creating long term security strategies, as well as roadmap various governance models.

Oversee information security policies and ensure that they meet both internal and external requirements of the industry including GLBA, FFIEC, PCI, SOX and HIPAA.

Identify information security issues/risks related to governance, risk, and compliance.

Monitor risk management programs for the Bank’s processes and systems.

Partner with other teams across the firm to ensure that pertinent GRC issues are managed.

Develop new policies and risk reports that are based on frameworks that are currently in place.

Keep up with ongoing trends and changes within the GRC community, and make sure that the firm is up to date with the latest relevant methods and practices.

Support regulatory and corporate compliance initiatives as they pertain to the company’s information security requirements: Gramm-Leach-Bliley Act (GLBA), Payment Card Industry (PCI) & Sarbanes-Oxley Act (SOX).

Responsible for supervision of others to include hiring, training, assigning and directing work, establishing goals, evaluating performance and resolving employee-related issues.

What you will need: 10 years of Information Security related experience and/or training.

Minimum of 5 years in a complex IT environment.

Professional security management certifications are highly preferred.

Extensive knowledge of GRC, and GRC best practices.

Possess the ability to multi-task between projects while communicating any necessary information to stakeholders.

Understanding of the CIS, NIST and other frameworks as well as other associated cyber security standards.

Ability to process and understand complex information relevant to cyber security initiatives.

Ability to create detailed documentation and diagrams using Microsoft Office Suite.

Archer GRC experience.

CISSP, CISM, CRISC, PCIP Certification desired.

Security engineering experience is a plus.

Bachelor’s degree preferred or equivalent experience required.