Newport Beach, United States
Permanent | Full Time
Pacific Life is investing in bright, agile and diverse new talent to ensure we continue to innovate and strengthen relationships with our policyholders. That’s why we’re actively seeking a Cybersecurity Governance Risk & Compliance (GRC) Manager to join our team and take part in our people-first culture.
Job Description/Requirements:
This role will be responsible for supporting the Pacific Life Enterprise Information Security Office located in Newport Beach, CA. This position will work with various IT teams and business units to provide information security governance, risk, and compliance (GRC) services to the enterprise. You will work with the EISO operational and engineering teams, as well as other stakeholders in IT, risk, compliance, privacy, legal, and internal audit to prioritize and deliver information security GRC services. You should be familiar with modern security risks and controls and able to dive deeply and iterate rapidly on ideas and solutions despite ambiguity. This position will report directly to the CISO.
This full-time role will be responsible for supporting the Pacific Life Information Security Program, located in Newport Beach, CA. This position will work closely with stakeholders across the enterprise to maintain and grow core aspects of the Information Security Program, including governance, policy and standards, control design, business continuity planning & disaster recovery, third party risk management, and training & awareness services.
Program management / reporting / communication - Lead the annual security program roadmap and status reporting on initiatives and KRIs. Create presentation materials and lead discussion for key stakeholder meetings.
Policy management - Own the user policies, align with Privacy and Compliance.
Training & awareness - Manage and grow the annual training / awareness program for technical and non-technical stakeholders.
Regulatory analysis - Conduct analysis of new regulations that impact the information security / privacy program.
Program assessments - Coordinate external reviews / assessments from regulators, audit firms, and client due diligence requests.
Risk management - Own the security risk register and the ongoing management of inherent and residual risks. Prepare heat maps and analytics of known risks.
FACTORS FOR SUCCESS
B.S. in an IT-related discipline or similar degree preferable. Professional certifications such as CISSP or CISM are a plus.
7 - 10 years of experience with the following:
Strong oral and written communication skills
Strong problem solving and troubleshooting skills with experience exercising mature judgement
Excellent teamwork and interpersonal skills
General information security experience and knowledge of general security concepts, such as defense-in-depth, least privilege, security architecture and design, threat modeling, etc.
Experienced in collaborating at all levels of an enterprise
Creativity and initiative in work product, positive and helpful attitude proposing solutions to resolve problems
Professional and technical certifications such as CISM or CISSP desired but not required
Ability to reach technical and non-technical audiences across all levels of the organization.
Ability to leverage industry frameworks (NIST, ISO, etc.) for Financial Services / Insurance to provide control context and benchmarking.
Work experience related to information security and/or IT operational risk management is essential, across cloud and traditional IT patterns. Experience within large Financial Services firms is preferred.
Comprehension of the regulatory and legal landscape driving privacy/information security (HIPAA, NY DFS, GDPR, CCPA, etc.)
A solid understanding of current technology capabilities, and a keen interest in staying abreast of emerging technology trends and information security domains.
Experience in leading change and the principles of change management.
Experience in contracting, implementing, and managing security service providers.
Experience with implementing and managing GRC software solutions for Information Security use cases.
Design and deliver enterprise level GRC security solutions and services as prioritized by the CISO and Cyber Defense team
Manage end-to-end portfolio delivery in terms of schedule, cost, scope and quality; anticipate risks and issues that may arise during the delivery of the portfolio process and ensure that appropriate mitigation actions are in place
Demonstrate accountability; lead people with passion, enthusiasm, loyalty and integrity
Manage HR processes: Employee engagement, performance reviews, talent development
Engage in resourcing processes to ensure organizational agility
Act as a change agent, seeking opportunities to challenge the status quo to meet business objectives
Design, measure and assess key performance metrics to inform data-driven decisions
Socialize the value and importance of cybersecurity across IT areas, operating as an extended arm of the Enterprise Information Security Office
Align with and support the execution of the Information Security Office vision and strategy
How We Help You Succeed:
We’re fostering a culture of shared values across our company by providing generous compensation and comprehensive benefits that allow our employees to find fulfillment and security in personal life and career alike. These include:
Competitive Salary and Benefits
Work-Life Balance & Flexible Scheduling
Medical, dental, and vision as part of our commitment to investing in the health and wellbeing of our employees
Two retirement savings plans: 401k savings plan with company match and Company Retirement Contribution (company-paid)
Generous PTO and holiday pay
Warm Colleagues & Inspiring Culture
Pacific Life Insurance Company is an Equal Opportunity/Affirmative Action Employer, M/F/D/V. If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access our career center as a result of your disability. To request an accommodation, contact a Human Resources Representative at Pacific Life Insurance Company.