Information Security Consultant

1 month ago

New York, United States OTC Markets Group Inc Full time
Job DescriptionJob DescriptionOTC Markets Group, a regulated fintech company, is seeking an Information Security Consultant for a period of 6 months in a full time capacity. Applicants for this role should have capability to travel to the NYC office whenever required.

Responsibilities:
• Policy and Procedure Management: Review, update, and enhance all relevant policies and procedures to ensure the company’s compliance with SEC Regulation SCI and ISO 27001 requirements. Develop and implement new policies as needed to address emerging security threats and regulatory changes.
• Risk Management: Assist with organizing and running external risk assessments, ensure proper documentation of identified risks, develop risk mitigation plans and follow through on their implementation. Implement continuous monitoring strategies with regular reports to senior management.
• Access and Identity Management: Enhance and implement procedures for reviewing access authorizations, especially during personnel transfers and third-party engagements. Enhance controls around privileged system accounts and administrative access. Conduct regular audits to ensure access controls are effective and compliant.
• Incident Response and Business Continuity: Enhance and formalize incident response plans, including regular testing and integration with other organizational plans. Enhance business continuity and disaster recovery plans, ensuring detailed procedures and roles are defined.
• Data Protection and Encryption: Implement data loss prevention controls and encryption protocols. Help improve policies for data classification, retention, and destruction. Conduct regular audits to ensure data protection measures are effective. 
• Training and Awareness: Maintain a comprehensive security awareness training program, including insider threat and incident response training. Update training content to address new threats and compliance requirements.  
• Vendor and Third-Party Management: Establish and enforce security requirements for third-party vendors. Conduct periodic assessments of vendors and review of applicable CUICs – Complimentary User Entity Controls.
• Governance, Risk, and Compliance (GRC): Enhance and implement a comprehensive GRC framework that integrates governance, risk management, and compliance activities across the organization. Ensure alignment with industry standards and regulatory requirements and facilitate regular GRC audits and assessments to identify and mitigate potential gaps.
• Security Operations: Assist with maintaining the firm’s security tools and daily processes such as security reviews, applications approvals, and change management approvals. Ensure security operations are aligned with organizational goals and regulatory requirements.
• Security Monitoring and Incident Detection: help manage security information and event management (SIEM) systems to monitor network and system activities for signs of security breaches. Ensure timely detection and response to potential security incidents.
• Threat Intelligence and Vulnerability Management: Continuously gather and analyze threat intelligence to stay ahead of emerging threats. Conduct regular vulnerability assessments and penetration testing to identify and remediate security weaknesses.
• Security Incident Response: Assist with the response to security incidents, including investigation, containment, eradication, and recovery. Maintain detailed incident logs and conduct post-incident reviews to improve response processes.
• Security Metrics and Reporting: Enhance and maintain security metrics to measure the effectiveness of security operations. Provide regular reports to senior management on security posture, incident trends, and areas for improvement. Use metrics to drive continuous improvement in security practices. 

Requirements:
• Bachelor's degree in Information Security, Cybersecurity, or a related field. Advanced degree preferred.
• Relevant certifications such as CISSP, CISM, CISA, or ISO 27001 Lead Implementer are highly desirable.
• At least 5 years of experience in cybersecurity, information security, information technology, engineering, risk management, compliance or a related field, preferably within the financial services industry.
• Demonstrated experience with regulatory compliance such as SEC Regulation SCI requirements.
• Proficiency with ISO 27001 standard, CIS Benchmarks, risk assessment methodologies, and implementation of security controls.
• Proven successful track record of developing, documenting, and implementing security policies and procedures.
• Excellent risk assessment and management skills.
• Strong knowledge of access and identity management best practices.
• Experience in incident response, business continuity planning, capacity planning and stress testing. 
• Demonstrated expertise in managing third-party vendor relationships, including conducting security assessments.
• Familiarity with data protection and encryption technologies.
• Excellent communication with the ability to present complex security issues to senior management and stakeholders.
• Excellent analytical skills with the ability to identify security gaps and develop effective remediation plans.
• High level of attention to detail in documenting and implementing security policies and procedures.

The compensation for this position is anticipated between $130-170/hr.

For more information about OTC Markets Group, please visit our public policy advocacy and careers page.  No calls or e-mails please.

Powered by JazzHR

DbnTHelSiN

  • Information Security Consultant

    5 days ago

    New York, New York, United States Turner & Townsend Full time

    Job DescriptionCompany OverviewTurner & Townsend is a leading global professional services company that delivers transformational programs across the real estate, infrastructure, and natural resources sectors. With a presence in 50 countries and 118 offices worldwide, we provide expert advice and guidance to clients across the globe.Job SummaryWe are seeking...

  • Security System Sales Consultant

    2 months ago

    New York, United States Hoosier Security Full time

    Who We Are: We are a one-stop shop for solutions that make your business, school, commercial facility, and financial institution more secure, comfortable, and energy efficient. From design and planning to installation and service, we offer several essential services: Access Control Video Surveillance Security Systems We are seeking a Security System Sales...

  • GRC Architect

    3 days ago

    New York, United States Riva Scientific LLC Full time

    Job DescriptionJob DescriptionGRC Architect /Information security senior consultant.New York OnsiteJob Description : The GRC Architect is an experienced role and will work cross functionally across many security teams . You will be involved playing a critical role in ensuring that GRC functions are incorporated into key security services and program while...

  • Information Security Engineer

    2 weeks ago

    New York, United States Motion Recruitment Full time

    Outstanding long-term contract opportunity! A well-known Financial Services Company is looking for a Information Security Engineer in New York, NY (Hybrid). Work with the brightest minds at one of the largest financial institutions in the world. This is a long-term contract opportunity that includes a competitive benefit package! Our client has been around...

  • Information Security Engineer

    2 weeks ago

    New York, United States Motion Recruitment Full time

    Outstanding long-term contract opportunity! A well-known Financial Services Company is looking for a Information Security Engineer in New York, NY (Hybrid). Work with the brightest minds at one of the largest financial institutions in the world. This is a long-term contract opportunity that includes a competitive benefit package! Our client has been around...

  • Senior Information Security Consultant

    1 day ago

    New York, United States Robert Half Full time

    We are currently seeking a Senior Governance Risk and Compliance (GRC) Specialist to join our team. The ideal candidate will have 10+ years' of experience and a deep understanding of widely accepted information security frameworks such as NIST Cybersecurity, HIPAA, PCI, HITRUST, ISO 27001 among others and will be responsible for identifying, assessing,...

  • Senior Information Security Consultant

    9 hours ago

    New York, United States Robert Half Full time

    We are currently seeking a Senior Governance Risk and Compliance (GRC) Specialist to join our team. The ideal candidate will have 10+ years' of experience and a deep understanding of widely accepted information security frameworks such as NIST Cybersecurity, HIPAA, PCI, HITRUST, ISO 27001 among others and will be responsible for identifying, assessing,...

  • Information Security Analyst

    2 months ago

    New York, United States Motion Recruitment Full time

    Outstanding long-term contract opportunity! A well-known Financial Services Company is looking for a Information Security Analyst in New York, NY (Hybrid). Work with the brightest minds at one of the largest financial institutions in the world. This is a long-term contract opportunity that includes a competitive benefit package! Our client has been around...

  • Information Security Engineer

    7 days ago

    New York, United States Motion Recruitment Full time

    Outstanding long-term contract opportunity! A well-known Financial Services Company is looking for a Information Security Engineer in New York, NY, Raleigh, Charlotte, Westlake, Chandler, Tempe, or Columbus (Hybrid). Work with the brightest minds at one of the largest financial institutions in the world. This is a long-term contract opportunity that...

  • Security Guard

    2 weeks ago

    New York, United States Gaton And Gaton Security Consultant Part time $18

    Job DescriptionJob DescriptionJob SummaryWe are seeking a professional Security Guard to join our team. In this role, your primary responsibility will be to create a safe and secure environment. You will protect our students, premises, assets, and employees and prevent any illegal or inappropriate occurrences. The ideal candidate has experience with public...

  • Security Guard

    2 weeks ago

    New York, United States Gaton And Gaton Security Consultant Part time $18

    Job DescriptionJob DescriptionBenefits:Free uniformsJob SummaryWe are seeking a professional Security Guard to join our team. In this role, your primary responsibility will be to create a safe and secure environment. You will protect our students, premises, assets, and employees and prevent any illegal or inappropriate occurrences. The ideal candidate has...

  • Hardware Security Consultant

    1 month ago

    New York, United States Iceberg Cyber Security Full time

    I’m currently representing an upcoming leader in cybersecurity, providing cutting-edge solutions and testing services. Their current mission is to venture into the world of hardware and embedded testing and they are looking for a leader to join as a principal Embedded Security Tester and develop new offensive security offerings.As an Embedded Security...

  • Regional Security Consultant

    2 days ago

    New York, United States RIGHTINFO CONSULTING Part time

    Job DescriptionJob DescriptionRightinfo Consulting is seeking Regional Security Consultant to join our team.Rightinfo Consulting is an emerging consulting corporation. Our mission is to help clients navigate in a complex world and get their message across. We combine geopolitical research, analysis and engagement with policymakers across the world in order...

  • Information Security Analyst

    2 weeks ago

    New York, United States Lightbend Full time

    Job DescriptionJob DescriptionInformation Security Analyst About Us:Lightbend is a leading organization in the software business, dedicated to delivering innovative solutions and services to our clients. We pride ourselves on our commitment to excellence, integrity, and customer satisfaction. As we continue to grow, we are seeking a skilled and motivated...

  • Information Security Engineer 24-06894

    2 weeks ago

    New York, United States Genesis10 Full time

    Genesis10 is currently seeking an Information Security Engineer with our client in the financial industry located in New York, NY, OR CHARLOTTE, NC. This is a 24+ month contract position. Responsibilities: Consult on or participate in moderately complex initiatives and deliverables within Information Security Engineering and contribute to large-scale...

  • Information Security Engineer 24-06894

    2 weeks ago

    New York, United States Genesis10 Full time

    Genesis10 is currently seeking an Information Security Engineer with our client in the financial industry located in New York, NY, OR CHARLOTTE, NC. This is a 24+ month contract position. Responsibilities: Consult on or participate in moderately complex initiatives and deliverables within Information Security Engineering and contribute to large-scale...

  • Information Security Analyst

    1 week ago

    New York, New York, United States Heidrick & Struggles Full time

    About Us:Heidrick & Struggles (Nasdaq: HSII) stands as a leading provider of global leadership advisory and on-demand talent solutions, addressing the senior-level talent and consulting requirements of the world's foremost organizations. As trusted advisors in leadership, we collaborate with our clients to cultivate future-ready leaders and organizations,...

  • Information Security Analyst

    1 week ago

    New York, New York, United States Heidrick & Struggles Full time

    About Us:Heidrick & Struggles (Nasdaq: HSII) stands as a leading provider of global leadership advisory and on-demand talent solutions, catering to the senior-level talent and consulting requirements of the world's foremost organizations. As trusted advisors in leadership, we collaborate with our clients to cultivate future-ready leaders and organizations,...

  • Information Security Analyst

    1 week ago

    New York, New York, United States Heidrick & Struggles Full time

    About Us:Heidrick & Struggles (Nasdaq: HSII) stands as a leading provider of global leadership advisory and on-demand talent solutions, addressing the senior-level talent and consulting requirements of the world's foremost organizations. As trusted advisors in leadership, we collaborate with our clients to cultivate future-ready leaders and organizations,...

  • Cyber Security Consultant

    4 weeks ago

    New York, United States hackajob Full time

    hackajob has partnered with a multi-faceted team focused on the evaluation, strategy definition, and execution of risk-minded solutions for leading organizations across the Financial Services industry. We are currently seeking for a Sr. Cybersecurity Consultant who can design and develop security policies, standards and procedures across various...