Cyber GRC Manager

Company: Pacific Life Insurance Company
Location: Newport Beach
Posted on: January 12, 2021

Job Description:

Job Description:Pacific Life is investing in bright, agile and diverse new talent to ensure we continue to innovate and strengthen relationships with our policyholders. That---s why we---re actively seeking a Cybersecurity Governance Risk & Compliance (GRC) Manager to join our team and take part in our people-first culture.Job Description/Requirements :This role will be responsible for supporting the Pacific Life Enterprise Information Security Office located in Newport Beach, CA. This position will work with various IT teams and business units to provide information security governance, risk, and compliance (GRC) services to the enterprise. You will work with the EISO operational and Engineering teams, as well as, other stakeholders in IT, risk, compliance, privacy, legal, and internal audit to prioritize and deliver information security GRC services. You should be familiar with modern security risks and controls able to dive deeply and rapidly to iterate on ideas and solutions despite ambiguity. This position will report directly to the CISO.POSITION SUMMARYThis fulltime role will be responsible for supporting the Pacific Life Information Security Program, located in Newport Beach, CA. This position will work closely with stakeholders across the enterprise to maintain and grow core aspects of the Information Security Program, including governance, policy and standards, control design, business continuity planning & disaster recovery, third party risk management, and training & awareness services.Responsibilities include:Program management / reporting / communication - Lead the annual security program roadmap and status reporting on initiatives and KRIs. Create presentation materials and lead discussion for key stakeholder meetings.Policy management - Own the user policies, align with Privacy and ComplianceTraining & awareness - Manage and grow the annual training / awareness program for technical and non-technical stakeholders.Regulatory analysis - Conduct analysis of new regulations that impact the information security / privacy program.Program assessments - Coordinate external reviews / assessments from regulators, audit firms, and client due diligence requests.Risk management - Own the security risk register and the ongoing management of inherent and residual risks. Prepare heat maps and analytics of known risks.FACTORS FOR SUCCESSB.S. in IT related discipline or similar degree preferable. Professional certification such as CISSP, CISM are a plus.7 - 10 years of experience with the following:Strong oral and written communication skillsStrong problem solving and troubleshooting skills with experience exercising mature judgementExcellent teamwork and interpersonal skillsGeneral information security experience and knowledge of general security concepts, such as defense-in-depth, least privilege, security architecture and design, threat modeling, etc.Experienced in collaborating at all levels of an enterpriseCreativity and initiative in work product, positive and helpful attitude proposing solutions to resolve problemsProfessional and technical certifications desired but nor required such as CISM or CISSPAbility to reach technical and non-technical audiences across all levels of the organization.Ability to leverage industry frameworks (NIST, ISO, etc.) for Financial Services / Insurance to provide control context and benchmarking.Work experience related to information security and/or IT operational risk management is essential, across cloud and traditional IT patterns. Experience within large Financial Services firms is preferred.Comprehension of the regulatory and legal landscape driving privacy/information security (HIPAA, NY DFS, GDPR, CCPA, etc.)A solid understanding of current technology capabilities, and a keen interest in staying abreast of emerging technology trends and information security domains.Experience in leading change and the principles of change management.Experience in contracting, implementing, and managing security service providers.Experience with implementing and managing GRC software solutions for Information Security use cases.Design and deliver enterprise level GRC security solutions and services as prioritized by the CISO and Cyber Defense teamManage end-to-end portfolio delivery in terms of schedule, cost, scope and quality; anticipate risks and issues that may arise during the delivery of the portfolio process and ensure that appropriate mitigation actions are in placeDemonstrate accountability; lead people with passion, enthusiasm, loyalty and integrityManage HR processes: Employee engagement, performance reviews, talent developmentEngage in resourcing processes to ensure organizational agilityAct as a change agent, seeking opportunities to challenge the status quo to meet business objectivesDesign, measure and assess key performance metrics to inform data-driven decisionsSocialize the value and importance of cybersecurity across IT areas, operating as an extended arm of the Enterprise Information Security OfficeAlign with and support the execution of the Information Security Office vision and strategyHow We Help You Succeed:We---re fostering a culture of shared values across our company by providing generous compensation and comprehensive benefits that allow our employees to find fulfillment and security in personal life and career alike. These include: Competitive Salary and BenefitsWork-Life Balance & Flexible SchedulingMedical, dental, and vision as part our commitment to investing in the health and wellbeing of our employeesTwo retirement savings plans: 401k savings plan with company match and Company Retirement Contribution (company-paid)Generous PTO and holiday payWarm Colleagues & Inspiring CultureEEO Statement:Pacific Life Insurance Company is an Equal Opportunity /Affirmative Action Employer, M/F/D/V. If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access our career center as a result of your disability. To request an accommodation, contact a Human Resources Representative at Pacific Life Insurance Company.Job InfoType: Full timeLocation: Newport Beach CA-700

Keywords: Pacific Life Insurance Company, Newport Beach , Cyber GRC Manager, Executive , Newport Beach, California