Cyber Risk Management Lead
New York City, NY, USA | Two Sigma Investments
Functions:IT / Information Technology
Job Description:68 people have viewed this job
Two Sigma is a different kind of investment manager. Since 2001, we have used data science and technology to derive insights that forecast the future and discover value in markets worldwide. Our team of scientists, technologists and academics looks beyond traditional finance to understand the bigger picture and develop creative solutions to some of the world’s most difficult economic problems. Our work spans markets and industries, from insurance and securities to private investments and new ventures.
The Two Sigma Cyber team is focused on pushing the boundaries of what is possible when we reevaluate traditional assumptions and embrace modern technology. Whether we are unlocking the potential of quantitative analysis, pushing the limits of zero trust, driving cloud infrastructure to new heights, or developing our own solutions to common authentication and authorization challenges, we embody a culture of proactive and transparent innovation.
The Cyber Risk Management Lead will report to the manager for Incident Response and Investigations and will partner directly with the manager for Security Infrastructure & Operations, the manager for Security Architecture, the manager for Cloud Security, the Two Sigma Compliance team, Engineering Group Leads, the Security Risk and Governance Committee, and the Chief Risk Officer.
This role will be responsible for managing the Cyber Risk Management program at Two Sigma. The objective of the Cyber Risk Management program is to understand the current risk posture of Two Sigma and to guide investment/innovation to improve the risk posture of the firm. Successful execution of this program should eventually result in a real-time understanding of risk, threat analysis, and countermeasure effectiveness with strong signal fidelity. Outputs of the program should inform engineering and budget priorities across the firm.
This role will have the ability to influence the security state of Two Sigma, engineering priorities across the firm, investor confidence in the firm, and risk management practices across the industry and cybersecurity community at large.
You will take on the following responsibilities:
Act as a personnel manager for the Cyber Risk Team;
Conduct internal audits of the cyber risk posture of Two Sigma systems;
Engage with external auditors;
Coordinate meetings and drive the agenda of the Security Risk and Governance Committee;
Prioritize and drive remediation of identified risks;
Drive improvements to security capabilities;
Partner on automation of risk signal; and
Partner on modeling and quantitative analysis of risk based on automated signals.
You should possess the following qualifications:
Five years of experience working in some combination of cyber security risk management, cyber security auditing (internal or external), and/or cyber security consulting.
Two years of experience managing a team of personnel focused on cyber security risk management, cyber security auditing, and/or cyber security consulting.
Alrdeady a member? Sign In