Sr Director, Information Security Engineering
- Rockville, MD
The Senior Director is part of the senior management team of Technology, oversees a major program or project organization within Technology, and most often reports directly to a Vice President or Senior Vice President.
- Manage separate teams focused on delivering high quality results within one or more of the following security disciplines: identities and entitlements, security event management, security analytics and reporting, thresholding and alerting, anomaly detection, secure configurations, and compliance reporting.
- Develop and oversee organizational policies, goals, objectives, standards and strategies that drive to measurable and repeatable results.
- Utilize automated platforms to optimize resource use and produce repeatable, high-quality results in relevant security disciplines.
- Apply AI/ML to event data, scaling solutions to high volume workloads, database security and database activity monitoring, and secure architectures and designs.
- Develop new and innovative ways to detect and resolve anomalous activity; analyze information or threats; and evaluate results to choose the best solutions to solve problems and oversee efforts to implement.
- Select and manage vendors, tools, and technologies.
- Establish, evolve, and ensure compliance with standard practices and processes within the disciplines.
- Direct and coordinate organization's financial and budget activities to fund operations, maximize benefits from investments, and increase efficiency.
- Serve on leadership teams
- Develop constructive and cooperative working relationships with peers and senior leaders both within Technology and Cyber and Information Security and with other groups (e.g., internal audit, legal, etc.), and maintain and enhance those relationships over time.
- Establish and maintain external relationships with strategic product/service vendors, FINRA clients/customers, the SEC and FINRA’s other regulators, industry forums (government & private councils, standards bodies, product forums, etc.), as appropriate.
- Ensure adherence to Technology and Cyber and Information Security policies, standards and controls.
- Support periodic Disaster Recovery (DR) and Business Continuity Planning (BCP) updates and tests, SOC2 assessment, FISMA/FedRAMP compliance, Internal Controls (ICM) testing and reporting, and other initiatives as required.
- Other duties as assigned.
- Identify and hire resource/skills needed within their organization.
- Responsible for staff performance management, compensation planning and training.
- Coordinate assignment of subordinate staff.
Required Education / Certifications:
- Bachelor’s degree in computer science, engineering, or related technical discipline
- ISC2 Certified Information System Security Professional (CISSP) certification highly desired
- Additional certifications related to AWS, secure design/architecture, networking, or similar are desired
- 10+ years of cyber and information security experience
- 5+ years of management supervisory experience
- Financial services industry experience is a plus
- Expertise in Security Information and Event Management (SIEM) platforms, Identity and Access Management (IAM) processes and tools, database systems, and AI/ML tools and techniques
- Deep and broad knowledge of cyber and information security standards, frameworks, technologies, control strategies, and compliance practices.
- Knowledge of and experience working with government and industry security standards and frameworks commonly used in the financial services industry, especially NIST SP800 series, FISMA, FedRAMP, ISO 2700x, and the NIST Cybersecurity Framework.
- Strong knowledge of networking, firewalls, load balancers, TCP/IP, web servers and the other technical underpinnings of modern IT systems
- Strong verbal and written communication skills with the ability to articulate complex technical ideas in easy to understand business terms to all levels of management and staff
- Excellent judgment and interpersonal skills
- Experience presenting to all levels of management and staff
- Demonstrated leadership experience
- Normal office environment and normal daytime work hours.
- Work outside of regular business hours and some travel may be required.
Flexible schedule and/or remote work with supervisor approval.
To be considered for this position, please submit a cover letter and resume. A writing sample may be required as part of the submission.
The information provided above has been designed to indicate the general nature and level of work of the position. It is not a comprehensive inventory of all duties, responsibilities and qualifications required.
Please note: If the “Apply Now” button on a job board posting does not take you directly to the FINRA Careers site, enter www.finra.org/careers into your browser to reach our site directly.
FINRA strives to make our career site accessible to all users. If you need a disability-related accommodation for completing the application process, please contact FINRA’s accommodation help line at 240.386.4865. Please note that this number is exclusively for inquiries regarding application accommodations.
In addition to a competitive salary, comprehensive health and welfare benefits, and incentive compensation, FINRA offers immediate participation and vesting in a 401(k) plan with company match. You will also be eligible for participation in an additional FINRA-funded retirement contribution, our tuition reimbursement program and many other benefits. If you would like to contribute to our important mission and work collegially in a professional organization that values intelligence, integrity and initiative, consider a career with FINRA.
FINRA’s Code of Conduct imposes restrictions on employees’ investments and requires financial disclosures that are uniquely related to our role as a securities regulator. FINRA employees are required to disclose to FINRA all brokerage accounts that they maintain, and those in which they control trading or have a financial interest (including any trust account of which they are a trustee or beneficiary and all accounts of a spouse, domestic partner or minor child who lives with the employee) and to authorize their broker-dealers to provide FINRA with duplicate statements for all of those accounts. All of those accounts are subject to the Code’s investment and securities account restrictions, and new employees must comply with those investment restrictions—including disposing of any security issued by a company on FINRA’s Prohibited Company List or obtaining a written waiver from their Executive Vice President—by the date they begin employment with FINRA. Employees may only maintain securities accounts that must be disclosed to FINRA at one or more securities firms that provide an electronic feed (e-feed) of data to FINRA, and must move securities accounts from other securities firms to a firm that provides an e-feed within three months of beginning employment.
You can read more about these restrictions here.
As standard practice, employees must also execute FINRA’s Employee Confidentiality and Invention Assignment Agreement without qualification or modification and comply with the company’s policy on nepotism.
Search Firm Representatives
Please be advised that FINRA is not seeking assistance or accepting unsolicited resumes from search firms for this employment opportunity. Regardless of past practice, a valid written agreement and task order must be in place before any resumes are submitted to FINRA. All resumes submitted by search firms to any employee at FINRA without a valid written agreement and task order in place will be deemed the sole property of FINRA and no fee will be paid in the event that person is hired by FINRA.
FINRA is an Equal Opportunity and Affirmative Action Employer
All qualified applicants will receive consideration for employment without regard to age, citizenship status, color, disability, marital status, national origin, race, religion, sex, sexual orientation, gender identity, veteran status or any other classification protected by federal, state or local laws as appropriate, or upon the protected status of the person’s relatives, friends or associates.
FINRA abides by the requirements of 41 CFR 60-741.5(a). This regulation prohibits discrimination against qualified individuals on the basis of disability, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified individuals with disabilities.
FINRA abides by the requirements of 41 CFR 60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified protected veterans.
©2019 FINRA. All rights reserved. FINRA is a registered trademark of the Financial Industry Regulatory Authority, Inc.