QMA - Vice President of Information Governance



Information Governance manages the following areas: Information Security (Cybersecurity), Business Continuity Planning (BCP), Privacy, Records Management and Vendor Governance.

The Vice President is a professional position that oversees QMA's Information Security Program and is responsible for the overall program, including planning, directing, coordinating, and evaluating the overall effectiveness of the program.

Information Security

  • Serves as an internal Information Security consultant to the organization
  • Implements Information Security policies and procedures
  • Provides direct training and oversight to all employees, affiliate marketing partners, alliances, or other third parties, ensuring proper information security clearance in accordance with established organizational information security policies and procedures
  • Initiates, facilitates, and promotes activities to create Information Security awareness within the organization
  • Performs Information Security and Cybersecurity risk assessments and serves as an internal auditor for security issues
  • Implements Information Security policies and procedures for the organization
  • Reviews all system-related security plans throughout the organization's network, acting as a liaison to both Technology Infrastructure and Applications.
  • Monitors compliance with the firm's Information Security policies and procedures, referring problems to the appropriate department manager
  • Coordinates the Information Security activities for the firm including annual vulnerability assessments for QMA's network
  • Liaises with the Prudential Information Security Office and acts as BISO for QMA
  • Advises the organization with current information about information security technologies and related regulatory issues
  • Monitors the internal control systems to ensure that appropriate access levels are maintained
  • Reviews vendor lists to ensure all vendors are appropriately reviewed prior to providing client information
  • Conducts privacy assessments and vendor due diligence reviews for vendors

Business Continuity

  • Maintains the Business Continuity Plan for QMA
  • Liaises with PGIM and Prudential Corporate BC Offices to ensure compliance with the company's standards
  • Assesses and maintains the Business Impact Analysis for the processes within the firm
  • Performs analyses to document operational impacts of natural and man-made incidents and prepares recommendations for mitigation strategies, including the identification of critical business process interdependencies, defining the reliance on data centers / critical applications / geographic sites and aggregating financial impacts along divisional or geographic boundaries
  • Schedules and oversees the quarterly testing of the firm's Business Continuity Plan
  • Presents critical findings from all testing-related activities
  • Participates in training and awareness sessions and outage simulation exercises, and summarizes lessons learned
  • Ensures the Business Continuity Plan remains current to the potential scenarios facing the firm
  • Conducts tabletop exercises with departments to ensure that the BC Plan remains current
  • Reviews Business Continuity Plan to ensure that all processes are captured and all new technology has been included
  • Provides training to employees on Business Continuity projects



Qualifications:

  • Bachelor's Degree in Computer Science or related field; Master's Degree preferred
  • CISSP Certified or equivalent
  • CBCP Certified or equivalent
  • 7-10 years of progressive experience in information security
  • Knowledge of the financial services industry especially as it relates to quantitative research and analysis (models)
  • Knowledge of the legal and regulatory guidelines for the financial services industry
  • Ability to implement policies, procedures and guidelines
  • Ability to train, educate, and present
  • Management and supervisory experience
  • Proficiency in MS Office applications, database knowledge and designing forms
  • Must have excellent work ethics and apply them to company regulations, procedures and practices.
  • Knowledge of Information Security applications
  • Familiarity with federal regulations and Industry standards related to Information Security (FISMA, ISO 27001/27002, NIST, etc.)
  • Must be detail-oriented and understand the importance of data integrity/quality
  • Communication/Interpersonal/Writing Skills
  • Ability to communicate clearly and effectively with senior management, company personnel, and outside vendors (written/verbal)
  • Strong interpersonal skills

