Senior Manager, Cyber Security Assurance

Category: Corporate Services
Location: Alpharetta, GA
Job ID: 12445
Posted Date: July 25, 2019

More than 30 years ago, E*TRADE pioneered the online brokerage industry by executing the first-ever electronic individual investor trade. While the landscape of our industry has changed dramatically, our culture of innovation and drive to make online trading accessible to everyone continues to drive us forward. We believe in challenging the status quo, fostering an environment of curiosity and learning, and, above all, putting our customers first.

RESPONSIBILITIES

SUMMARY

E*TRADE’s Corporate Services (ETCS) is the leader in equity compensation administration for public and private corporations, offering a best-in-class administration platform, service excellence, and a robust stock plan participant experience. This strategically important division is a key revenue driver of retail brokerage accounts and assets for E*TRADE Securities.

The Senior Manager, Corporate Services (ETCS Cyber Assurance) is a highly motivated, consultative-minded individual with knowledge and experience within financial services and/or a technology company. The Senior Manager, ETCS Cyber Assurance is a key member of the ETCS’ Information Security Assurance team and responsible for managing and reporting on security compliance and assurance programs in a manner that meets corporate, legal and regulatory requirements. The Senior Manager, ETCS Cyber Assurance is responsible for the management and maintenance of Information Security related audits, vendor questionnaires, and third-party risk assurance and documentation on behalf of all E*TRADE Corporate Services (ETCS) Clients.

This position requires a strategic thinker with strong collaboration skills, detailed working knowledge of compliance best practices, and familiarity in implementing programs for maintaining compliance for a highly regulated business environment. The Senior Manager, ETCS Cyber Assurance must be highly knowledgeable about the business environment and must ensure that information systems are proactively maintained in a fully functional, compliant mode.

Additionally, they will possess solid presentation skills, and problem-solving skills, driven by an effective communications style that builds strong relationships and impacts outcomes and decisions. Partner effectively with internal partners and support teams to assist in the delivery of key strategic initiatives.

The position will report to the Director, Corporate Services (Business Governance & Controls) with dotted line to Director, Cyber Security.

RESPONSIBILITIES

  • Create and maintain information security related whitepapers, process documents and control matrices for ETCS SOC 2
  • Review and validate evidence requested for audits to ensure it meets the appropriate validity standards
  • Coordinate and facilitate the SOC IT general controls testing on behalf of the organization for mid year and year end
  • Collaborate to define the methodology and approach for testing controls and managing audit workpapers and documentation
  • Coordinate and facilitate the ISO 27001 certification on behalf of the organization.
  • Communicates and ensures programs are in compliance with applicable laws, regulations, policies, and standards
  • Coordinates with First and Second Line Risk Teams, and Internal Audit to facilitate key compliance processes and identify acceptable levels of risk
  • Collaborate with the Director of Cyber Assurance and department leaders to assess near- and long-term Information Security compliance needs
  • Serve as subject matter expert to internal/external business and technology teams on range of compliance standards as influenced by regulatory mandates (e.g. GLBA, SOX 404, HIPAA, FINRA CATetc.) and industry best practices (e.g. NIST CSF, ISO 27001, ITIL, COSO, COBIT, etc.)
  • Participate in ETCS key initiatives as the subject matter expert to ensure alignment with Information Security programs and initiatives
REQUIREMENTS

Basic

  • Bachelor’s degree in information systems, computer science or related discipline
  • Minimum 7 years of experience in Information Security, Internal Audit and/or IT Risk Management functions
  • Minimum 7 years of experience testing IT general controls related to SSAE 18 SOC Trust Principles
  • Proven minimum 7 years of experience with the implementation of the AICPA Generally Accepted Auditing Standards (GAAS) and documenting workpapers
  • Minimum 5 years’ experience implementing information security risk, governance, and control frameworks such as ISO/IEC27000 series, FFIEC CAT, NIST CSF, CSA CCM and PCI DSS
  • CISSP, CISA or CISM certification is required

Preferred

  • Demonstrated technical abilities across a broad range of technologies: Windows, Linux, relational databases (Oracle, MS SQL, etc.), firewalls, routers, mobile devices, virtualization and cloud computing
  • Proven experience and success with managing IT, Internal Audit or Information Security compliance programs
  • Proven experience with IT and information security best practices
  • Proven project management and organizational skills, specifically managing multiple, concurrent projects
  • Strong interpersonal, written, and oral communication skills
  • Highly self-motivated and directed professional, with keen attention to detail
  • Excellent analytical, problem-solving and decision-making abilities
  • Able to effectively prioritize tasks in a high-pressure environment
  • Strong customer service and solution-focused orientation
  • Experience working in a team-oriented, collaborative environment
  • Master’s Degree in Information Systems, Computer Science or related discipline is highly desired

We offer a competitive and comprehensive benefits package. Please visit https://www.etradecareers.com/why-work-at-etrade/employee-benefits/ to learn more about the opportunities.

E*TRADE Financial is an Equal Opportunity Employer who encourages diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, age, disability, citizenship, marital status, sexual orientation, gender identity, military or protected veteran status, or any other characteristic protected by applicable law.

Upcoming E*TRADE career events

There are no upcoming events at this time.