Jobs · Information Technology · New York

Director, Cybersecurity Regulatory Engagement (1LOD)

hackajob · New York, NY · 2 wk ago
On-siteInformation Technology$116k–$246k/yrFull-time

Role Summary

The Director, Cybersecurity Regulatory Engagement (1LOD) is an individual contributor role within Cybersecurity Governance, Risk & Controls (CGRC). Consistent with the First Line of Defense (1LOD) mandate, this role manages and executes cybersecurity regulatory engagement activities contributing to effective risk and control outcomes.

Primary Responsibilities - 1LOD Alignment

  • Execute end-to-end cybersecurity regulatory engagements, including regulatory exams, supervisory meetings, remediation activities, and requests for information (RFIs).
  • Carefully coordinate globally with cybersecurity process owners, control owners, and subject matter experts to deliver accurate, consistent, and regulator-ready responses. Additionally, partner closely with Engineering Controls, Technology Risk (2LOD), Internal Audit (3LOD), and other cross-functional stakeholders to ensure coordinated and well-governed regulatory execution.
  • Reinforce a risk-aware culture through disciplined 1LOD execution.
  • Drive the development of high-quality regulatory submissions by coordinating input across control owners, subject matter experts, and technical teams.
  • Ensure alignment with the firm's cybersecurity posture and risk appetite by reviewing, challenging, and approving key regulatory responses.
  • Leverage AI-enabled capabilities to improve response quality, consistency, and reuse in a centralized regulatory response repository.
  • Prepare executive-level briefings, materials, and talking points for senior management, including materials for senior management committees and boards.
  • Partner with Engineering Controls, Risk, Compliance, Legal, and Internal Audit leadership throughout regulatory engagements.
  • Provide status updates and analysis to cybersecurity leadership.
  • Lead, coach, and oversee supporting team members.
  • Maintain accurate regulatory engagement tracking, documentation, and artifacts in accordance with CGRC governance standards.
  • Contribute to continuous improvement of regulatory engagement playbooks, job aids, and execution routines.
  • Support reporting and metrics to provide transparency into regulatory risk, themes, and engagement status.
  • Support the design, implementation, and assessment of controls addressing regulatory expectations.
  • Contribute to 1LOD risk and control taxonomies.
  • Identify control gaps, thematic issues, and systemic risks surfaced through regulatory engagements and partner with control owners to drive remediation.

Required Qualifications

  • 12+ years of experience in cybersecurity, technology risk, governance, audit, controls, or related technology disciplines.
  • Extensive experience in regulatory engagements, risk management, audit, or compliance within a large, complex, and highly regulated organization.
  • Proven track record leading regulatory exams, supervisory interactions, or other types of regulatory engagements.
  • Experience operating in a First Line of Defense (1LOD) role.
  • Demonstrated ability to operate effectively at senior leadership and executive levels.
  • Strong understanding of cybersecurity risk management, control frameworks, and regulatory expectations applicable to financial institutions.
  • Ability to synthesize complex technical and risk topics into clear, defensible regulatory narratives.
  • Exceptional written and verbal communication skills, with experience engaging regulators and senior executives.
  • Strong judgment, executive presence, and the ability to influence outcomes without direct authority.
  • Ability to manage multiple high-stakes regulatory engagements concurrently under pressure.

Similar jobs