CRC Group
Overview
The Senior Cyber Regulatory Officer will lead a team to provide strategic direction for the cyber regulatory program, supporting company growth and international expansion. Regular or Temporary:
Regular Language Fluency:
English (Required) Work Shift:
1st Shift (United States of America) Please review the following job description: Key Responsibilities
Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time. Drive cross-functional alignment among key data privacy stakeholders, including cyber, data, risk, compliance, and legal teams. Support regulatory interactions for the first and second lines of defense on IT, cybersecurity, and technology risk management topics, including leading preparations for various examinations with New York State Department of Financial Services (NYDFS) and Committee on Foreign Investment in the United States (CFIUS). Lead NYDFS regulatory exercise including evidence gathering, development of compliance briefings, and submission of annual attestation. Advise and assist relevant IT and Technology Risk Management teams in addressing any IT and cybersecurity issues identified during regulatory exams or through other channels. Collaborate with project management teams on remediation and implementation projects, working with first-line and support/control groups to enhance processes and controls in compliance with best practices and regulatory guidance. In partnership with Legal and Privacy Officer, monitor changes in the global, federal, and state regulatory environment, assess their impact on business, controls, and risk frameworks, and provide solutions for implementing necessary changes in collaboration with business and support/control functions. Provide guidance and governance oversight for cyber and IT emerging risks with regulatory implications including AI and Machine Learning and AI Governance Strategies. Advise stakeholders across the organization on the planning and delivery of strategic or regulatory compliance-related projects, ensuring adherence to regulatory requirements and best practices in the firm’s IT and cybersecurity risk management processes. Provide guidance on IT and cybersecurity risk frameworks and policies, assisting with the interpretation and implementation of regulatory guidance (both new and existing), standards, and best practices, along with potential initiatives related to IT, information security, cybersecurity, and vendor risk management. Education and Experience
The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Bachelor's degree is preferred. 15+ years experience working directly with regulatory agencies or in connection with regulatory examinations is required. Functional Skills
Proven experience leading and managing teams. Direct experience with regulatory obligations for Committee on Foreign Investment in the United States (CFIUS) and New York State Department of Financial Services (NYDFS). Extensive knowledge and experience in regulatory IT, information security, and cybersecurity, with expertise in regulatory requirements and standards (e.g., GDPR, SEC, CCPA/CPRA, HIPAA, GLBA, etc.). Experience with AuditBoard. Benefits
General Description of Available Benefits for Eligible Employees of CRC Group: At CRC Group, we are committed to supporting every aspect of teammates' well-being – physical, emotional, financial, social, and professional. Our benefits program includes medical, dental, vision, life, disability, and AD&D insurance; tax-advantaged savings accounts; and a 401(k) plan with company match. Eligible full-time teammates may also have access to paid time off programs, including company holidays, vacation and sick days, new parent leave, and more. Eligible positions may qualify for restricted stock units and/or a deferred compensation plan. Equal Opportunity
CRC Group supports a diverse workforce and is an Equal Opportunity Employer that does not discriminate against individuals on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status or other classification protected by law. CRC Group is a Drug Free Workplace. EEO is the Law Pay Transparency Nondiscrimination Provision E-Verify
#J-18808-Ljbffr
The Senior Cyber Regulatory Officer will lead a team to provide strategic direction for the cyber regulatory program, supporting company growth and international expansion. Regular or Temporary:
Regular Language Fluency:
English (Required) Work Shift:
1st Shift (United States of America) Please review the following job description: Key Responsibilities
Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time. Drive cross-functional alignment among key data privacy stakeholders, including cyber, data, risk, compliance, and legal teams. Support regulatory interactions for the first and second lines of defense on IT, cybersecurity, and technology risk management topics, including leading preparations for various examinations with New York State Department of Financial Services (NYDFS) and Committee on Foreign Investment in the United States (CFIUS). Lead NYDFS regulatory exercise including evidence gathering, development of compliance briefings, and submission of annual attestation. Advise and assist relevant IT and Technology Risk Management teams in addressing any IT and cybersecurity issues identified during regulatory exams or through other channels. Collaborate with project management teams on remediation and implementation projects, working with first-line and support/control groups to enhance processes and controls in compliance with best practices and regulatory guidance. In partnership with Legal and Privacy Officer, monitor changes in the global, federal, and state regulatory environment, assess their impact on business, controls, and risk frameworks, and provide solutions for implementing necessary changes in collaboration with business and support/control functions. Provide guidance and governance oversight for cyber and IT emerging risks with regulatory implications including AI and Machine Learning and AI Governance Strategies. Advise stakeholders across the organization on the planning and delivery of strategic or regulatory compliance-related projects, ensuring adherence to regulatory requirements and best practices in the firm’s IT and cybersecurity risk management processes. Provide guidance on IT and cybersecurity risk frameworks and policies, assisting with the interpretation and implementation of regulatory guidance (both new and existing), standards, and best practices, along with potential initiatives related to IT, information security, cybersecurity, and vendor risk management. Education and Experience
The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Bachelor's degree is preferred. 15+ years experience working directly with regulatory agencies or in connection with regulatory examinations is required. Functional Skills
Proven experience leading and managing teams. Direct experience with regulatory obligations for Committee on Foreign Investment in the United States (CFIUS) and New York State Department of Financial Services (NYDFS). Extensive knowledge and experience in regulatory IT, information security, and cybersecurity, with expertise in regulatory requirements and standards (e.g., GDPR, SEC, CCPA/CPRA, HIPAA, GLBA, etc.). Experience with AuditBoard. Benefits
General Description of Available Benefits for Eligible Employees of CRC Group: At CRC Group, we are committed to supporting every aspect of teammates' well-being – physical, emotional, financial, social, and professional. Our benefits program includes medical, dental, vision, life, disability, and AD&D insurance; tax-advantaged savings accounts; and a 401(k) plan with company match. Eligible full-time teammates may also have access to paid time off programs, including company holidays, vacation and sick days, new parent leave, and more. Eligible positions may qualify for restricted stock units and/or a deferred compensation plan. Equal Opportunity
CRC Group supports a diverse workforce and is an Equal Opportunity Employer that does not discriminate against individuals on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status or other classification protected by law. CRC Group is a Drug Free Workplace. EEO is the Law Pay Transparency Nondiscrimination Provision E-Verify
#J-18808-Ljbffr