Manager, Cybersecurity Governance & Risk

Company: Vibrant Emotional Health
Location: New York
Posted on: November 20, 2023

Job Description:

Position:

Manager, Cybersecurity Governance & Risk

Location:

Remote

Job Id:

2066-400

# of Openings:

1

Position Title: Manager, Cybersecurity Governance & Risk

Salary Range: $104,000 - $120,000

Department: Information Technology

Reports to: Director of Cybersecurity

Location: Remote

Schedule: M-F, 9-5 EST

Formerly the Mental Health Association of New York City (MHA-NYC), Vibrant Emotional Health's groundbreaking solutions have delivered high quality services and support, when, where and how people need it for over 50 years. Through our state-of-the-art technology-enabled services, community wellness programs, and advocacy and education work, we are building a society in which emotional wellness can be a reality for everyone.

Position Summary:

The Manager of Governance and Risk is responsible for overseeing and managing the information technology governance, risk management, and compliance functions within Vibrant Technology. The Manager of Governance and Risk develops and implements policies, procedures, and controls to ensure the IT infrastructure and processes are aligned with industry best practices and regulatory requirements. In addition, will also collaborate with cross-functional teams, including IT, security, legal, and organization stakeholders, to establish a robust governance framework and manage risks effectively.

Responsibilities:

Develop and maintain IT governance frameworks, standards, and policies and collaborate with senior leadership to establish and enforce IT governance practices.
Monitor and ensure compliance with IT policies and guidelines throughout the organization.
Implement IT governance metrics and reporting mechanisms to evaluate the effectiveness of governance initiatives.
Conduct IT risk assessments to identify and prioritize potential threats and vulnerabilities to develop risk mitigation strategies and action plans in alignment with business objectives.
Monitor and assess IT risks on an ongoing basis and make recommendations for risk reduction.
Lead incident response and disaster recovery efforts in the event of a security breach or IT-related incident.
Stay abreast of relevant laws, regulations, and industry standards related to IT and data security.
Establish and manage compliance programs to ensure adherence to applicable regulations (e.g., GDPR, HIPAA, HITRUST).
Coordinate with internal and external auditors to facilitate IT audits and compliance assessments.
Implement corrective actions and improvements based on audit findings and recommendations.
Evaluate third-party vendors' security and compliance practices to minimize potential risks, establish vendor risk assessment processes and monitor vendor compliance with contractual obligations to ensure that vendors meet the organization's security and data protection requirements.
Conduct IT security and compliance training for employees to promote a culture of security awareness.
Develop and distribute educational materials on IT best practices, policies, and procedures.
Provide regular updates and reports to senior management on IT governance, risk, and compliance status and communicate IT security and compliance matters to non-technical stakeholders in a clear and understandable manner.
Contribute to and/or lead other department specific and cross-functional initiatives.

Position Requirements:

Knowledge & Experience
- Demonstrated expertise in governance, risk, and compliance management methodologies, frameworks, and best practices. Proficient in assessing, developing, and implementing GRC strategies to address organizational risks and ensure compliance with relevant regulations and standards.
- Ability to conduct comprehensive risk assessments across various business functions and IT systems. Skilled in identifying potential risks and vulnerabilities and developing effective risk mitigation plans and controls.
- Solid understanding of relevant laws, regulations, and security risk management frameworks (e.g., ISO 27001, NIST Cybersecurity Framework).
- Proficient in designing and implementing internal controls to protect assets, prevent fraud, and maintain data integrity. Experienced in coordinating and facilitating internal and external audits and addressing audit findings.
- Ability to develop and maintain clear, concise, and comprehensive policies, procedures, and guidelines related to GRC. Skilled in ensuring policies are accessible, understood, and adhered to by stakeholders.
- Competent in developing and delivering GRC training and awareness programs for employees and stakeholders. Capable of fostering a culture of compliance and risk consciousness throughout the organization.
- Skilled in managing and responding to security incidents, breaches, or compliance violations. Proficient in analyzing root causes and implementing corrective actions to prevent future occurrences.
- Knowledgeable in evaluating and managing risks associated with third-party vendors and partners. Capable of conducting due diligence and ensuring contractual obligations address potential risks.
- Strong project management and leadership skills.
- Excellent communication and interpersonal skills, with the ability to influence and collaborate across different departments.
- Demonstrated ability to collaborate effectively with cross-functional teams.
- Analytical mindset with a focus on problem-solving and continuous improvement.
  
  Formal Education, Certification & Experience
  - Bachelor's degree in business, risk management, information technology, or equivalent professional experience. Master's degree would be a plus.
  - Relevant certifications such as HITRUST, CRISC, CISA, CISM, or GRC-specific certifications are preferred.
  - Minimum 5 years of experience in IT governance, risk management, and compliance roles.
  - 3-5 years experience managing or leading a team
  - Experience in conducting risk assessments and implementing risk management strategies.
    
    Excellent comprehensive benefits, including medical, dental, vision, supplemental income insurance, pre-tax transit/parking, pre-tax FSA for medical and dependent care, and 401K available. 4 weeks' vacation, plum benefits, etc.
    
    Studies have shown that women and people of color are less likely to apply for jobs unless they believe they are able to perform every task in the job description. We are most interested in finding the best candidate for the job, and that candidate may be one who come from a less traditional background. Vibrant will consider any equivalent combination of knowledge, skills, education and experience to meet minimum qualifications. If you are interested in applying, we encourage you to think broadly about your background and skill set for the role.
    
    Vibrant Emotional Health is an equal opportunity employer. Applicants are considered for positions without regard to veteran status, uniformed service member status, race, creed, color, religion, gender, gender identity, sex, sexual orientation, citizenship status, national origin, marital status, age, physical or mental disability, genetic information, caregiver status or any other category protected by applicable federal, state or local laws.
    
    "Please be aware that fictitious job openings, consulting engagements, solicitations, or employment offers may be circulated on the Internet in an attempt to obtain privileged information, or to induce you to pay a fee for services related to recruitment or training. Vibrant does NOT charge any application, processing, or training fee at any stage of the recruitment or hiring process. All genuine job openings will be posted on our careers page and all communications from the Vibrant recruiting team and/or hiring managers will be from an @vibrant.org email address"
    
    Apply for this Position
    
    Apply with Indeed
    
    //below URL is also hard code in "CareerSiteSecurityHeaderFilter.java".
    (function() (window.IndeedApply--function(f,g)(function h()(var a=c.getElementById("indeed-apply-js").attributes["data-indeed-apply-qs"],b="";a&&""!=a.value&&(b="&"+a.value);return["

Keywords: Vibrant Emotional Health, New York , Manager, Cybersecurity Governance & Risk, Executive , New York, New York

Click here to apply!

Didn't find what you're looking for? Search again!

Let New York recruiters find you. Post your resume for free!

Get New York Executive jobs via email.

View more New York Executive jobs

Other Executive Jobs

Manager Environ Compliance
Description: The Manager Environmental Compliance position, based out of the Bristol, CT Facility, will be responsible for conducting formal and systematic reviews of the facility to ensure compliance with federal (more...)
Company: Clean Harbors
Location: Bristol
Posted on: 01/1/1970

Yard Manager - ()
Description: Headquartered in Hilliard, Ohio, we are a multi-billion dollar stormwater management company, manufacturing pipe and ancillary products. What does that mean When it storms, we capture rain with our drain (more...)
Company: Orion: ADS
Location: Toms River
Posted on: 01/1/1970

Licensed Optical Manager
Description: Join our team of more than 34,000 team members, supporting our members and communities in our Club Support Center, 235 clubs and eight distribution centers. BJ's Wholesale Club offers a collaborative (more...)
Company: BJ's Wholesale Club
Location: Copiague
Posted on: 01/1/1970

Salary in New York, New York Area | More details for New York, New York Jobs |Salary

Associate Director, Clinical Data Management
Description: Working with Us br Challenging. Meaningful. Life-changing. Those aren't words that are usually associated with a job. But working at Bristol Myers Squibb is anything but usual. Here, uniquely interesting (more...)
Company: Bristol Myers Squibb
Location: Levittown
Posted on: 01/1/1970

Yard Manager - ()
Description: Headquartered in Hilliard, Ohio, we are a multi-billion dollar stormwater management company, manufacturing pipe and ancillary products. What does that mean When it storms, we capture rain with our drain (more...)
Company: Orion: ADS
Location: Levittown
Posted on: 01/1/1970

Retail Store Manager
Description: Bring your heart to CVS Health. Every one of us at CVS Health shares a single, clear purpose: Bringing our heart to every moment of your health. This purpose guides our commitment to deliver enhanced (more...)
Company: CVS Health
Location: White Plains
Posted on: 01/1/1970

Multi Unit Restaurant Operations Manager
Description: Come work with us at LGA Airport. The Airport Operations Manager has responsibilities for all areas and aspects of multi-unit restaurant operations within an Airport. Managerial tasks to include, but (more...)
Company: SSP
Location: Rye
Posted on: 01/1/1970

Licensed Optical Manager
Description: Join our team of more than 34,000 team members, supporting our members and communities in our Club Support Center, 235 clubs and eight distribution centers. BJ's Wholesale Club offers a collaborative (more...)
Company: BJ's Wholesale Club
Location: Bethpage
Posted on: 01/1/1970

Senior Manager, Clinical Data Standards
Description: At Bristol Myers Squibb, we are inspired by a single vision - transforming patients' lives through science. -In oncology, hematology, immunology and cardiovascular disease - and one of the most diverse (more...)
Company: Bristol Myers Squibb
Location: Avenel
Posted on: 01/1/1970

Group Home Manager
Description: The New Jersey Institute for Disabilities NJID is one of the largest not-for-profit agencies of its kind in the nation providing services to infants, children and adults with developmental and related (more...)
Company: New Jersey Institute for Disabilities
Location: Pine Beach
Posted on: 01/1/1970

Loading more jobs...

Manager, Cybersecurity Governance & Risk

Didn't find what you're looking for? Search again!

Other Executive Jobs

Log In or Create An Account