Security/Regulatory Governance Lead
Ref No.: 18-10247
Location: Jersey City, New Jersey
Regulatory Compliance Management (new service being offered).
Role may turn into full time hire to add to team of testers.
Role is largely reviewing rules and regulations that the client must adhere to.
Developing a method to do compliance testing.
Must understand testing criteria.
Assist with requests for comments from client or industry groups.
Building the regulatory compliance for cybersecurity.
Needs someone who has a good understanding of cybersecurity, maybe someone who's done some practitioner-level work, like vulnerability management or risk management.
Security tools are nice to have, but the role is less about tools and more about understanding processes.
Would like a mix of compliance, Ops Risk, and technology, and wants a good 5 years of cybersecurity experience (foreign or in the US).

The Cybersecurity Regulatory Governance Lead is accountable for the development, testing, and reporting of cybersecurity regulatory obligations. The role is also responsible for the coordination of the organization's responses to requests for comments on cybersecurity rules, rules interpretation and guidance. This function is the primary interface for the Compliance Testing organization and will support the Business Information Security Officer (BISO) in communicating compliance gaps to the business.
• Identify new and upcoming cybersecurity and cyber resiliency regulatory and supervisory requests for comment on new rules, rules interpretations and guidance; develop and execute a process to address cybersecurity supervisory requests for comments
• Develop and maintain a comprehensive understanding of the applicable cyber laws and regulations as well as requirements and resulting controls that enable compliance
• Serve as an authoritative resource on current and emerging cybersecurity compliance rules, rules interpretations and guidance
• Develop the assessment program to review Business and Shared Services areas against their cybersecurity regulatory obligations
• Ensure that new cybersecurity regulations are understood throughout the organization; identify potential changes that may be required to IS Policy and Standards
• Partner with Compliance to enhance the current Compliance Framework to include controls and controls testing for cyber regulations
• Partner with the BISOs to communicate regulatory compliance to the business areas