GreenSky Administrative Services LLC

  • Vice President of IT Security

    Job Location(s): US-GA-Atlanta | US-GA-Alpharetta
    Posted Date: 3 months ago (2/5/2019 1:25 PM)
    Job ID: 2019-3737
    # of Openings: 1
    Category: Information Technology
  • Overview

    Position:  Vice President of Security

     

    The VP, Security reports directly to the Chief Security Officer. This position is a critical leadership role, responsible for maturing and leading a dedicated information security, physical security, privacy and compliance program. GreenSky’s Security and GRC teams are cutting-edge, dynamic and cover a staggering breadth of capabilities.

     

    This role requires an extraordinary breadth of experience and skill sets to be effective, because the teams that report to this role are responsible for everything from Compliance (both Security and Privacy), Risk Management, and Continuity, to Physical Security, Operational Security, and Incident Response, to Forensics and eDiscovery. While this is not generally a hands-on technical role, mentoring both GRC and technical team members is a key part of the role, so a strong technical background and a significant base of hands-on security experience are an absolute must-have.

     

    This role is responsible for ensuring enterprise compliance against both GreenSky and regulatory audit architectures, controls, cybersecurity and operational policies, procedures and standards. This position includes significant executive interface, and as such requires extraordinary professional presence, communication and decision-making skills.

     

    Location:  Atlanta, Georgia or Alpharetta, GA

    Duties & Responsibilities

    • Lead, collaborate, and develop technical security, computer network defense and information assurance controls, policy, procedure, specifications and standards for all GreenSky enterprise environments
    • Represent GreenSky to external third parties, clients, regulators and industry peers on technology compliance topics
    • Advise senior leadership on managing and minimizing non-compliance
    • Stays informed on the latest developments, at a global scale, that may impact current technology compliance and privacy
    • Responsible for working with other organizational elements to define Key Performance Indicators (KPIs) and Measures and the corresponding reporting and score cards showing performance against these standards and KPIs
    • Responsible for implementation and oversight of a testing mechanism and the system of internal controls which provides reasonable assurance of technology compliance against GreenSky policies, procedures, standards and controls
    • Monitors compliance and regulatory requirements and has executive-level accountability for both internal and external audit findings
    • Draft and maintain IT operational and security risk policies; oversee annual policy review
    • Supports implementation of processes to satisfy internal and regulatory requirements including ISO 27000, PCI DSS 3.2, HIPAA, SOC1/2, NIST 800-53, NIST Cyber Security Framework, FFIEC Cyber Security Framework, GLBA, CCPA and Sarbanes-Oxley
    • Researches security and privacy industry trends, identifies ongoing security and control requirements, analyzes security risk management tools for continuous improvement
    • Demonstrates excellent leadership skills, inspires teamwork and responsibility by engaging team members, and uses current technology/tools to enhance the effectiveness of deliverables and services

    Required Skills/Qualifications

    • Bachelor's degree. An equivalent combination of education and work experience may be taken into consideration in lieu of a degree
    • 15+ (fifteen-plus) years of relevant Information Technology (IT) experience, with a minimum of 5 years of leadership experience focusing on Information Security, IT Risk, Governance and Compliance
    • PCI-DSS audit experience and privacy experience are critical
    • SOC 1 Type 2 and SOC 2 Type 2 audit experience is helpful
    • Demonstrated knowledge of recognized IT audit-related standards and regulations
    • Demonstrated knowledge of recognized IT process and quality frameworks such as COBIT
    • Experience with Security compliance programs, standards and regulations including ISO 2700x, HIPAA, NIST 800-53, NIST Cyber Security Framework, FFIEC Cyber Security Framework, GLBA
    • HITRUST experience is a big plus
    • Exceptional verbal and written communication skills
    • Experience with high-priority, high-activity and multi-tasked environments

     

    Preferred Skills:

    • Financial services experience, especially in consumer lending, is ideal but not required
    • Desirable certifications include CISA, CISSP, CRISC, CISM, CBCP, CIA, CIPP, CIPM, CIPT, CCSK, CPP, ASIS PCI, PSP and CFE
    • Experience with GRC methodologies, tools and enablers in the financial services sector

     

    Shifts:  Varies between 7:00AM and 7:00PM

                                   

     

    GreenSky is an equal opportunity employer and will not discriminate against any employee or applicant on the basis of age, color, disability, gender, national origin, race, religion, sexual orientation, veteran status, or any classification protected by federal, state, or local law.
