Cyber Risk Director

About The Position

Requirements

• 10 or more years of relevant experience
• Strong knowledge of technology and cyber risks and experience in working and collaborating with cross functional teams leading risk management programs
• Knowledge of common frameworks and standards such as NIST, CIS, ISO
• Knowledge and experience of key legal and regulatory compliance, e.g. GDPR, RegSCI
• Technical as well as policy management experience preferred, with a wide range of experience across multiple cyber security areas
• Project planning, management, and delivery skills within the context of a broader cyber security program
• Financial services experience is preferable, or experience in the financial technology (‘FinTech’) area
• Ideally hold, (or be working toward) a CISM, CISSP or CRISC qualification
• Excellent communication skills with the ability to convey complex technical and non-technical concepts in verbal products & excellent writing skills
• Excellent project management skills and experience

Nice To Haves

• Remediation experience in the Financial Industry
• Ability to meet with internal partners and present reports with confidence

Responsibilities

• Provide leadership and oversight of Cyber Security risk management, and maintain governance within the company’s Enterprise Risk Management Framework
• Manage cyber risk-related program activities, and ensure effective collaboration within the team, as well as technology, business, and other shareholder groups.
• Maintain the cyber-risk register, control catalogue and its framework mappings, and ensures the controls and policy documentation aligns whilst clearly and concisely articulating cyber-risks to key stakeholders (technical and non-technical)
• Maintain and embed an Information Security Policy and management framework across the company that addresses the needs of the company, its staff, and other key stakeholders in line with relevant legislation and industry standards
• Owns the end-to-end process for cyber security related policy & standards creation, management, review and ensures they incorporate regulatory and other requirements
• Own the 3rd party Cyber Risk Assessments for vendor engagements to ensure that information and Cyber Security risks through third party suppliers are identified and managed appropriately
• Support various internal and external cyber security audit and regulatory exams
• Manage related metrics, KPIs and performance indicators and provide regular updates to the senior management, and the needs of audit, regulator, and risk management purposes
• The role holder helps mentoring junior team members.

Benefits

• Health Insurance: Highly competitive medical, dental, and vision programs
• Hybrid Environment: Our employees have the flexibility of working in the office and from home.
• Health Care and Dependent Care Flexible Spending Accounts: You may elect to set aside pre-tax earnings to pay for eligible health care and dependent day care expenses for you and your eligible family members.
• Maven Family Building Benefit: Maven offers support for fertility and preconception; pregnancy and post-partum; adoption; surrogacy and pediatrics for children up to age 10. Tradeweb provide a $10,000 lifetime reimbursement towards fertility, egg freezing, adoption and surrogacy expenses.
• 401(k) Savings Plan: Employees are immediately eligible for the 401(k) plan. Participants may contribute up to 75% of eligible compensation into a traditional 401(k) and/or Roth 401(k). Tradeweb will match 100% of the first 4% of compensation that you contribute.
• Discretionary bonus program
• Pre-Tax Commuter Benefits Program
• ARAG Legal Services
• Employee Assistance Program
• Tuition Reimbursement
• Financial Wellness Tools
• Travel Assistance Benefits
• Pet Insurance
• Corporate Gym Subsidies
• Wellness Perks
• Paid Time Off and Parental Leave