Cyber Risk Director

To capitalize on our success and continued growth plans we are seeking a Cyber Risk Manager. As a member of the Information Security team, this role will be taking a lead in to help support and expand the existing team, help us assess risks to the firm, deliver our second line assurance program, and support our management of third-party cyber risks. The cyber risk landscape changes constantly and we support a large and varied business that is constantly evolving and growing, so no two days are ever quite the same here and your role will grow and evolve over time. The role will also have an opportunity to work with subject matter experts not only within security, but across infrastructure, network, development, and business teams. We look to hire people who are comfortable in working with minimal supervision as part of a team that has consistently delivered ground-breaking and innovative solutions in one of the most exciting and fast-moving areas of the of the financial markets. We need people who are able to prioritize and can effectively communicate complex issues to non-technical team members. We would prefer someone who has remediation experience in the Financial Industry, who can meet with our internal partners and present reports with confidence.

• Provide leadership and oversight of Cyber Security risk management, and maintain governance within the companys Enterprise Risk Management Framework
• Manage cyber risk-related program activities, and ensure effective collaboration within the team, as well as technology, business, and other shareholder groups.
• Maintain the cyber-risk register, control catalogue and its framework mappings, and ensures the controls and policy documentation aligns whilst clearly and concisely articulating cyber-risks to key stakeholders (technical and non-technical)
• Maintain and embed an Information Security Policy and management framework across the company that addresses the needs of the company, its staff, and other key stakeholders in line with relevant legislation and industry standards
• Owns the end-to-end process for cyber security related policy & standards creation, management, review and ensures they incorporate regulatory and other requirements
• Own the 3rd party Cyber Risk Assessments for vendor engagements to ensure that information and Cyber Security risks through third party suppliers are identified and managed appropriately
• Support various internal and external cyber security audit and regulatory exams
• Manage related metrics, KPIs and performance indicators and provide regular updates to the senior management, and the needs of audit, regulator, and risk management purposes
• The role holder helps mentoring junior team members.

• 10 or more years of relevant experience
• Strong knowledge of technology and cyber risks and experience in working and collaborating with cross functional teams leading risk management programs
• Knowledge of common frameworks and standards such as NIST, CIS, ISO
• Knowledge and experience of key legal and regulatory compliance, e.g. GDPR, RegSCI
• Technical as well as policy management experience preferred, with a wide range of experience across multiple cyber security areas
• Project planning, management, and delivery skills within the context of a broader cyber security program
• Financial services experience is preferable, or experience in the financial technology (FinTech) area
• Ideally hold, (or be working toward) a CISM, CISSP or CRISC qualification
• Excellent communication skills with the ability to convey complex technical and non-technical concepts in verbal products & excellent writing skills
• Excellent project management skills and experience

• Health Insurance: Highly competitive medical, dental, and vision programs

• Hybrid Environment: Our employees have the flexibility of working in the office and from home.

• Health Care and Dependent Care Flexible Spending Accounts: You may elect to set aside pre-tax earnings to pay for eligible health care and dependent day care expenses for you and your eligible family members.

• Maven Family Building Benefit: Maven offers support for fertility and preconception; pregnancy and post-partum; adoption; surrogacy and pediatrics for children up to age 10. Tradeweb provide a $10,000 lifetime reimbursement towards fertility, egg freezing, adoption and surrogacy expenses.

• Building Wealth - 401(k) Savings Plan: Employees are immediately eligible for the 401(k) plan. Participants may contribute up to 75% of eligible compensation into a traditional 401(k) and/or Roth 401(k). Tradeweb will match 100% of the first 4% of compensation that you contribute.
• The current pay range for this role if performed in the city of New York is currently $140,000 to $285,000 per year, based on a regular, full-time schedule. The amount of pay offered will be determined by a number of factors, including but not limited to qualifications, market data, geographic location, and internal guidelines.

• Pre-Tax Commuter Benefits Program
• ARAG Legal Services
• Employee Assistance Program
• Tuition Reimbursement
• Financial Wellness Tools
• Travel Assistance Benefits
• Pet Insurance
• Corporate Gym Subsidies
• Wellness Perks
• Paid Time Off and Parental Leave