JCW Group
Director - Information Security Risk Management Lead
JCW Group, Trenton, New Jersey, United States
Location: New York / New Jersey
Level: Director
Reports to: Head of Technology & Information Security Risk Management
Department: Risk
We are seeking a senior leader to drive Information Security Risk Management within our Risk function. The role provides oversight, credible challenge, and strategic guidance across information security risks, working closely with technology and business stakeholders in a highly regulated environment.
Responsibilities
Lead implementation and oversight of information security risk frameworks, ensuring alignment with enterprise and operational risk practices.
Provide independent review and credible challenge of risk assessments, controls, metrics, incidents, and reporting.
Guide and influence business units in risk ownership and control effectiveness.
Conduct thematic reviews of security events, validating action plans and monitoring remediation progress.
Oversee risk management of key security projects, from assessment through to BAU transition.
Present risk reporting and insights to senior leadership, committees, audit, and regulators.
Act as a trusted advisor on emerging cybersecurity and technology risks.
Maintain relevant policies, standards, and procedures.
Mentor and support junior team members while role-modeling strong leadership.
What We’re Looking For
10+ years in information security governance, operations, or risk management within banking or systemically important financial institutions (DFMUs preferred).
Strong leadership and stakeholder management skills, with credibility across technology, business, and regulatory bodies.
Experience designing and managing operational risk frameworks in line with best practices and regulatory requirements.
Broad technology exposure in complex, global, high-volume transaction environments requiring resilience and top-level security.
Deep understanding of regulatory requirements and policy frameworks.
Knowledge across areas such as cyber resilience, cloud security, incident response, identity & access management, threat/vulnerability management, AI risk, third-party risk, and network security.
Qualifications
Bachelor’s degree in Computer Science, Cybersecurity, or related discipline.
Familiarity with frameworks such as NIST CSF, ISO 27001, ORX, SANS, CERT, ENISA.
Proficiency in PowerPoint, Excel, and GRC tools (e.g., Archer).
Focus:
Candidates with experience in banking or DFMUs (not consulting).