Information Security Governance Lead - Flexible (220000CN)
Primary Location : UNITED STATES-NC-Charlotte
Other Locations : UNITED STATES-NY-SYRACUSE
Organization : Equitable
Schedule : Full-time
At Equitable, our power is in our people.
We're individuals from different cultures and backgrounds. Those differences make us stronger as a team and a force for good in our communities. Here, you'll work with dynamic individuals, build your skills, and unleash new ways of working and thinking. Are you ready to join an organization that will help unlock your potential?
Description of Responsibilities:
The Information Security Governance Lead works in coordination with Information Security, IT management and Business Owners to drive the organization towards alignment with Information Security policies and strategies done through a combination of governance tools including policy management, security awareness and training, communications, metrics and reporting.
* Position reports to Head of Information Security Governance, Risk and Strategic Program Management and will manage existing staff and teams to perform and manage the following functions and responsibilities
* Coordinate with enterprise stakeholders to understand, track and report on all efforts related to information security as well as communication to ensure awareness of policy changes to impacted parties
* Manage IS Policy, Standard, Procedures and Guideline lifecycle management
* Responsible to define, create, gather, maintain and report on Information Security metrics, including the development and maintenance of an Information Security metrics dashboard, that is reported at various levels within the organization including Executive Management
* Develop and manage data governance structure and related initiatives (such as electronic data classification and retention), working directly with data owners, CISO data loss prevention team and IT.
* Responsible for all aspects of providing Information Security awareness training across the enterprise, including
awareness for all levels of employees and contractors
* Conduct phishing campaigns and related training to teach employees how to detect and avoid phishing attacks
* Information security communications and marketing and serve as the marketing lead for the Information Security department
* Coordinate with Corporate Communications and other communication channels to deliver communications regarding information security initiatives and releases
* Develop and maintain the InfoSec intranet and assorted newsletters
* Responsible to coordinate with InfoSec team leaders to document and maintain progress reporting on program maturity as measured against the NIST Cyber Security Framework and the Cybersecurity Maturity Model
* Information security administration coordination and take lead role in various administrative tasks such as status reporting and creation of management presentations
* Participate in personal administrative tasks such as team meetings, training, status reporting, and participating in corporate improvement committees, etc
Skills required to be successful
Agile Methodologies: Knowledge of concept and principles of agile methodology; ability to apply appropriate agile approaches in the processes of software development and delivery. Information Security Management: Knowledge of the processes, tools and techniques of information security management; ability to deploy and monitor information security systems, while detecting, controlling and preventing violations of IT security. IT Governance: Knowledge of the accountability framework and processes used to encourage proper behavior in IT activities and operations; ability to implement IT systems and controls to meet business needs and requirements. Diversity, Equity and Inclusion: Demonstrates a commitment to Diversity, Equity and Inclusion by treating everyone with respect and dignity, ensuring all voices are heard and advocating for change.
* B.S. in Computer Science, Information Security, Information Assurance, or similar field
* 8+ years serving in a variety of Information Security roles
* 3+ years Information Security Governance or IT Auditing roles
* 3+ years' experience with developing and managing information security related policies, standards and procedures
* 5+ years prior experience managing staff and teams
* 3+ years' experience working with a GRC tool such as Archer a plus
At Equitable, we're a team of over ten thousand strong; committed to helping our clients secure their financial well-being so that they can pursue long and fulfilling lives.
We turn challenges into opportunities by thinking, working, and leading differently - where everyone is a leader. We encourage every employee to leverage their unique talents to become a force for good at Equitable and in their local communities.
We are continuously investing in our people by offering growth, internal mobility, comprehensive compensation and benefits to support overall well-being, flexibility, and a culture of collaboration and teamwork.
We are looking for talented, dedicated, purposeful people who want to make an impact. Join Equitable and pursue a career with purpose.
Equitable is committed to providing equal employment opportunities to our employees, applicants and candidates based on individual qualifications, without regard to race, color, religion, gender, gender identity and expression, age, national origin, mental or physical disabilities, sexual orientation, veteran status, genetic information or any other class protected by federal, state and local laws.
NOTE: Equitable participates in the E-Verify program.
If reasonable accommodation is needed to participate in the job application or interview process or to perform the essential job functions of this position, please contact Human Resources at (212) 314-2211 or email us at TalentAcquisition@equitable.com .
Internal Number: 220000CN
Our mission is to help our clients secure their financial well-being so they can pursue long and fulfilling lives.