VP Information Assurance-Permanent

Location: Beverly
Posted on: April 25, 2024

Job Description:

VP Information Assurance Director

Information Assurance Roles & Responsibilities:

Lead integrated security reviews for systems, applications and infrastructure; participate as a key subject matter expert in technology risk assessments

Assess and document design effectiveness of controls across Technology division; maintenance of security control design & documentation

o Through analysis of key systems, data points, or periodic sample-based testing ensure controls are consistently implemented

o Develop, maintain and execute a process to identify document, approve and monitor control exceptions

o Collaborative development and improvement of technology control environment with all areas of Technology

Responsible for vulnerability management program inclusive of assessment, analysis, prioritization & reporting

Define, document and implement identity and access management strategy

Design and document key information security performance metrics, provide summary analysis of metrics from all Technology areas

Design change management process and lead production control process

Stay abreast of regulatory and privacy issues, and recommend improvements to technology policies, procedures and controls, accordingly

Act as primary liaison to Enterprise Risk Management / Information Security & external examiners

Preferred Skills for Information Assurance Team Members

Understanding of financial reporting and information technology risks, processes and controls

Familiarity with current and emerging technologies which may include: Windows, SQL Server, Linux, web development frameworks, cloud services, virtualization, Check Point security technologies, etc.

Awareness of core risks, processes and internal controls related to non-financial reporting, both manual and IT.

COSO Framework, CoBIT, ITIL and/or other leading business and IT control frameworks .

Demonstrates extensive skills and abilities related to controls around reporting, compliance and operational processes within financial services

Served as a consultant, auditor or business process specialist, including business process and IT management controls

Led IT-related controls assurance or controls readiness projects associated with external audits, internal audits and service organization controls reports (e.g., SSAE 16)

Identifying key risks and controls, recommend improved controls, perform controls readiness projects and identify and assess configuration of controls in IT infrastructure (security, change management, operations and program development)

Building work programs and practice aids to create tailored solutions Interfacing with other IT team members on projects as well as leading the planning and execution of projects.

Demonstrates project management skills related to IT audit projects, including developing project plans, budgets, and deliverables schedules

Demonstrates extensive abilities as a team leader, which includes creating a positive environment; monitoring workloads of the team while meeting client expectations; respecting the work-life quality of team members; providing candid, meaningful feedback in a timely manner; and keeping leadership informed of progress.

BS in Accounting, Finance, Accounting Information Systems, Management Information Systems, Computer Information Systems, Information Technology, or Information Security

Technical certifications such as CISA, CISM, CISSP, PMP

Keywords: , Lowell , VP Information Assurance-Permanent, IT / Software / Systems , Beverly, Massachusetts