Senior Information Security & Risk Manager
About the role
NFA is purpose-driven. We safeguard the integrity of the derivatives markets, protect investors and ensure that our Members meet their regulatory obligations. We take pride in our work; maintain a conviction to do the right thing; empower each other; and support our community. Envision your career in a place where performing critical regulatory work within the financial industry is as significant as the passionate and talented individuals with whom you work.
Responsibilities
- Support the development, implementation, maintenance, and improvement of NFA's information security compliance program.
- Assess and monitor the effectiveness of information security controls, compliance activity, risk mitigation efforts to ensure alignment with regulatory, industry, and organizational requirements.
- Develop and enhance information security policy standards, procedures and related governance documentation.
- Collaborate with various departments and stakeholders to identify compliance gaps, evaluate risk, and support remediation activities.
- Help lead internal and external audits and prepare compliance materials for regulatory reporting and information requests, including those related to CFTC submissions.
- Maintain professional knowledge through continuous education, industry engagement, and awareness of evolving cybersecurity, compliance, privacy, and AI governance practices.
- Assess governance, risk, compliance, and control considerations associated with emerging technologies, including artificial intelligence and support the development of appropriate policies, and oversight practices.
Requirements
- Bachelor's degree in Information Security, Cybersecurity, Risk Management, or related field.
- A minimum of 7 years of experience in information security, cybersecurity compliance, IT risk management, or related discipline.
- SME in NIST CSF, NIST SP 800-53, FISMA, and information security governance.
- Experience supporting regulatory examinations, audits, control assessments, or compliance reviews.
- Expertise in information security risk management methodologies and control frameworks.
- Knowledge and interest in emerging cybersecurity concepts, as well as AI governance considerations.
- Strong analytical, organizational, problem solving, and communication skills.
- Ability to collaborate and work with departments across multifaceted organizations.
- Skilled in developing executive reports and presentations that convey complex information security and risk concepts to both technical and non-technical audiences.
- Relevant certifications such as CISSP, CISM, CRISC, CGRC, or similar certifications are preferred.
Benefits
Customers and market participants depend on NFA to act with integrity and impartiality as it carries out its mission of safeguarding the markets and protecting investors. Therefore, NFA employees have a responsibility to conduct themselves according to high ethical standards, and must abide by NFA's Code of Professional Conduct. Learn more about the Code of Professional Conduct.
Pay
The salary range for this position is $152,950 to $272,000.
Schedule
Not specified.
Qualifications
Not specified.
Skills
Not specified.
Equal Opportunity Employer
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.
Application Instructions
Not specified.
See what we offer
To learn more about NFA and the benefits we offer please visit: What We Offer.
Nearest Major Market
Chicago