Jobs · Information Technology · North Carolina

Manager - Business Information Security Officers

nCino · Wilmington, NC · 1 wk ago
Information Technology$122k–$213k/yrFull-time

About the role

nCino is seeking a Manager, Business Information Security Office (BISO) to lead a team responsible for maintaining compliance documentation, facilitating customer audits, responding to security inquiries, and supporting vendor assessments across various frameworks.

Responsibilities

  • Manage day-to-day operations of the team, overseeing administration and continuous improvement of compliance processes, systems, and documentation.
  • Support staff development through onboarding, training, coaching, and ongoing feedback.
  • Facilitate team meetings, coordinate resources, and track progress against project milestones and compliance commitments.
  • Manage workload distribution and prioritization to ensure timely response to customer security inquiries, audit requests, and vendor assessments.
  • Oversee the preparation, maintenance, and continuous improvement of compliance documentation and evidence packages.
  • Coordinate responses to customer security due diligence requests, including questionnaires and examiner inquiries.
  • Assist in the development and review of information security policies, standards, and procedures.
  • Maintain current awareness of relevant information security laws, regulations, and frameworks.
  • Partner with engineering, product, and legal stakeholders to escalate security improvement needs.
  • Engage with business stakeholders to gather requirements and communicate project status.
  • Prepare and maintain dashboards and reports tracking compliance activities, open audit items, and team performance.
  • Leverage AI tools and techniques to enhance work efficiency and optimize business operations.

Requirements

  • Undergraduate degree in computer science, information systems, or a related technology field, or equivalent work experience; advanced degree preferred.
  • Five or more years of experience in information security, IT compliance, or a related technical discipline, with at least one year in a team lead or people management capacity.
  • Working knowledge of information security frameworks and standards, including SOC 2, ISO 27001, PCI DSS, and CSA STAR.
  • Familiarity with AI risk and due diligence frameworks, including NIST AI RMF or equivalent.
  • Demonstrated ability to manage compliance documentation, coordinate audit activities, and respond to third-party security inquiries in a regulated environment.
  • Strong communication skills with the ability to explain technical security concepts clearly to non-technical stakeholders.
  • Experience managing or coordinating distributed teams with the ability to prioritize competing demands and drive accountability across workstreams.
  • Understanding of cloud security principles and SaaS or multi-tenant environment security considerations.

Qualifications

  • Desired Experience: Managing vendor risk from the vendor side, familiarity with financial institutions' evaluation of SOC 2 reports, penetration test results, and SIG questionnaires.
  • Knowledge of financial services regulatory expectations from bodies such as OCC, FDIC, NCUA, or state banking regulators; familiarity with GLBA safeguards requirements.
  • Exposure to DORA requirements for organizations serving EU-based financial institutions.
  • Familiarity with secure SDLC practices, vulnerability management, and application security concepts.
  • Experience participating in or supporting a security steering committee or risk committee.

Pay

The pay range for this role is $121,900.00 - $213,300.00.

Similar jobs

Information Security Manager

The Vertex Companies LLCUnited States· 1 mo ago
RemoteInformation Technology$109k–$299k/yrapply on careers.vertexeng.com

Information Security Manager

The Center for Health Information and AnalysisBoston, MA· 2 mo ago
Information Technology$100k–$115k/yrapply on app.jazz.co