Cybersecurity Regulatory Compliance Program Manager
Ref No.: 18-04850
Location: Boston, Massachusetts
Position Type: Direct Placement
Start Date: 05/24/2018
My direct client in Boston is hiring a Cybersecurity Regulatory Compliance Program Manager.
Location: Boston, MA (Back Bay)
Duration: 6-month contract-to-hire; Permanent placement candidates will be considered
Salary: Competitive and dependent upon experience, including great benefits package and bonus
Start Date: ASAP
Cybersecurity Regulatory Compliance Consultant
This position is responsible for leading strategies to manage complex information security compliance programs aimed at ensuring compliance with applicable state and federal regulations as well as industry standards, including NYDFS Cyber, SOX, HIPAA and PCI-DSS, and for ensuring awareness of, and leadership around, the information security compliance landscape. This role will develop strategies to manage cybersecurity regulatory compliance governance across the organization, and will oversee and coordinate activities around related compliance audits, exams and responses. This role will manage staff directly and be responsible for influencing and advising staff indirectly across multiple disciplines and functions.
Duties & Responsibilities
  • Develop and deliver Cybersecurity Regulatory Compliance program strategy, operating model, staffing and execution plan.
  • Develop compliance assessment, governance model, reporting and priority-based plans for delivery.
  • Assess the current environment against regulatory and industry requirements to identify areas of noncompliance/gaps to be remediated for all cybersecurity compliance requirements, including:
    • PCI-DSS
    • NYSDFS Cyber Regulations
    • SOX/SOC/MAR/Financial Reporting
    • HIPAA
    • Other state regs/industry standards
  • Monitor and maintain an effective internal control environment across the compliance impacted business units in accordance with company policies and in compliance with regulatory and industry requirements. 
  • Deliver regular reporting on compliance initiatives, program progress and key areas of risk. 
  • Manage the US IT SOX compliance program, including governance and coordination activities. 
  • Support security awareness and training initiatives to promote the success of company-wide Information Security compliance efforts.
  • Manage and coordinate audits, exams and associated responses.
  • Manage scope, budget and staff for the compliance program.
Technical Requirements
  • Significant experience in applying IT control frameworks in line with regulatory and industry requirements
  • Knowledge of and experience with SSAE-16, SOC, SOX, HIPAA and PCI audit requirements and technical environments
  • Experience providing a service-oriented leadership approach to maintaining compliance
  • Strong working expertise with Information Security, Compliance and IT Management Standards: ISO 27001, COBIT, COSO and ITIL
Preferred Qualifications
  • 7+ years of experience in related information security risk and compliance
  • Proficiency in performing IT risk, business impact, control and vulnerability assessments
  • Possession of standard certifications in Information Security or Compliance (CISSP, CISA, CISM, CRISC, GIAC, PCIP, ISA); former PCI QSA experience a plus
  • Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues
  • Strong project management and communication skills (written and oral) with internal organizations and external/internal auditors
  • Advanced written and verbal communication and presentation skills
  • Excellent leadership, teamwork, and client service skills