We are seeking a Manager of Cybersecurity Governance to join our dynamic team reporting to the Head of Cybersecurity Governance and Risk. This role will lead the development of a comprehensive technology and cybersecurity governance framework tailored to our on-premise and SaaS environments. This role is critical in ensuring that our company's technology and cybersecurity practices are compliant with regulatory requirements and industry standards, while also effectively identifying risks.
Members of the Cybersecurity Governance team are motivated, detail-oriented, and thrive in a collaborative environment where they will add value to key business partners. This position will require you to be adaptive, willing to drive change and innovation, and work in a fast-paced environment requiring collaboration and the ability to organize and prioritize assignments.
Our Cybersecurity team works remotely; however, we prefer you live within driving distance of a corporate office for the occasional office connectivity days. Office locations include Baltimore, Wilmington DE, Charlotte NC, Dallas/Fort Worth, Phoenix/Tempe, Evansville IN, and Chicago.
Note: Employment-based non-immigrant visa sponsorship and/or assistance is not offered for this specific job opportunity.
Target base salary range is $110k - $135k, which is based on various factors including skills, work experience, and location. In addition to base salary, this role is eligible for a competitive additional compensation program that is based on individual and company performance.
Responsibilities:
Establish and maintain a security governance framework based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework to ensure effective oversight and accountability.
Oversee the technology and cybersecurity policy program, which includes policy and control drafting, facilitating cross-functional input, and enforcement of policies, procedures, and controls.
Develop and build the controls matrix in alignment with multiple frameworks, including SOC2, CIS, PCI and NIST 800-53.
Lead an annual technology and cybersecurity risk assessment.
Educate, influence and provide clear directives for technology projects, either directly or through committees, to ensure the consistent application of policies, standards and controls across all technology projects, systems and services.
Partner with cybersecurity architects, engineers, and technology operations teams to ensure governance programs for access privileges, applications, cloud environments, asset management, artificial intelligence, and other technology functions are implemented and maintained according to cybersecurity standards and guidelines.
Lead a metrics and reporting program to measure the efficiency and effectiveness of the cybersecurity program for senior management, providing insights, trends and recommendations.
Qualifications:
Bachelor's Degree with a focus in Cybersecurity, Information Technology disciplines or equivalent experience.
Minimum of 5 - 7 years of experience in planning, designing, implementing and managing technology and cybersecurity governance and controls framework in the financial industry or other regulated industry.
Minimum 3 - 5 years in a leadership role with a strong ability to influence peers, leaders and team members at all levels and across functional lines.
In-depth knowledge of cybersecurity frameworks, such as NIST, SOC2, and CIS.
In-depth knowledge of cybersecurity laws and regulations, industry standards and best practices including GLBA 501(b), NYDFS and PCI.
Excellent verbal and written communication and presentation skills with the ability to prepare and deliver complex data in a way that is concise/understandable.
Strong organizational and program management skills. Ability to effectively respond to shifting priorities and assignments.
Sound analytical, problem solving and research skills.
Proficiency in the Microsoft Office suite (Word, Excel, and PowerPoint).
Familiarity with automated control mapping tools such as Anecdotes, Hyperproof, or equivalent software a plus.
Self-motivation with proven ability to be adaptable to a dynamic, fast-paced work environment with multiple priorities and strict timelines.
Who We Are
OneMain Financial (NYSE: OMF) is the leader in offering nonprime customers responsible access to credit and is dedicated to improving the financial well-being of hardworking Americans. Since 1912, we’ve looked beyond credit scores to help people get the money they need today and reach their goals for tomorrow. Our growing suite of personal loans, credit cards and other products help people borrow better and work toward a brighter future.
Driven collaborators and innovators, our team thrives on transformative digital thinking, customer-first energy and flexible work arrangements that grow lives, careers and our company. At every level, we’re committed to an inclusive culture, career development and impacting the communities where we live and work. Getting people to a better place has made us a better company for over a century. There’s never been a better time to shine with OneMain.
Because team members at their best means OneMain at our best, we provide opportunities and benefits that make their health and careers a priority. That’s why we’ve packed our comprehensive benefits package for full- and some part-timers with:
Health and wellbeing options for team members and their dependents
Up to 4% matching 401(k)
Employee Stock Purchase Plan (10% share discount)
Tuition reimbursement
Continuing education
Bonus eligible
Paid time off (15 days’ vacation per year, plus 2 personal days, prorated based on start date)
Paid holidays (7 days per year, based on start date)
Paid volunteer time (3 days per year, prorated based on start date)
And more