Position: Executive

Jobtyp: Full-time

Loading ...

Jobinhalt

FactSet creates flexible, open data and software solutions for tens of thousands of investment professionals around the world, providing instant access to financial data and analytics that investors use to make crucial decisions. For 40 years, through market changes and technological progress, our focus has always been to provide exceptional client service. From more than 60 offices in 23 countries, we’re all working together toward the goal of creating value for our clients, and we’re proud that 95% of asset managers who use FactSet continue to use FactSet, year after year.

Role/Department Description

FactSet is currently seeking a Vice President of Product Securityto lead the Product and Application Security team. As one of the most senior members of the FactSet security leadership team, this individual would have global responsibility for the management of all aspects of securing our products and applications through a secure development lifecycle, from threat models, to security architecture, to design reviews, to secure CI/CD, to pentesting. You’ll be part of a dynamic team that is focused on execution and delivery. This role is hands-on as well as scales to that of running a broad set of responsibilities with senior executive visibility and reporting.

This position will report directly to the global Chief Information Security Officer.

Key Duties And Responsibilities
  • Leading FactSet’s product and application security function, including planning and development of the company’s security strategy in support of the strategic business plan.
  • Driving best-in-class product and application security standards and frameworks.
  • Focus on SDLC, client data encryption and protection, cloud security, key management and code signing, and product and application incident and vulnerability management.
  • Identifying security technologies and trends ensuring FactSet’s products and operating environments keep pace with technological changes and innovation.
  • Defining and executing product and application security communication, training and awareness programs.
  • Hiring and developing the product and application security team to grow to the next level of maturity and scalability.
  • Produce operational metrics to highlight trends and detail organizational effectiveness.
  • Collaborating with IT and engineering teams to design and implement security controls that enable business initiatives and reduce risk in our products and applications.
  • Be able to build strong partnerships with stakeholders across FactSet’s diverse engineering functions, leverage strong interpersonal skills to ensure the product and application security team is business enabler and doesn’t stifle engineering innovation.
  • Define strategic secure development lifecycle roadmap and associated time frames and barriers to entry for methodically improving FactSet’s secure development practices and enabling market differentiation.
  • Provide departmental leadership in the absence of the CISO.
  • Represent the mission and interest of the security program on behalf of the CISO including providing reports to senior management as needed
  • Other duties and obligations as assigned by the CISO
Minimum Qualifications
  • Bachelor’s degree in related discipline (Information Systems, Computer Science or related field) or related professional experience.
  • Certifications in one or more of the following, CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), etc., highly desirable.
  • 10+ years of cyber and information security experience
  • Demonstrated experience managing within an enterprise-level information security program
  • Experience in penetration testing / red team / vulnerability assessment
  • Experience managing vendors and service providers and performing oversight for the delivery of security capabilities
  • Significant technical knowledge of information technology security programs, concepts, processes, trends, and best practices
  • Demonstrated knowledge of internal controls and enterprise risk management programs
  • Leadership experience with multiple, cross-functional teams or projects, and influencing key stakeholders
  • Demonstrated knowledge of business principles including general management, human relations, conflict resolution, finance and budget, project management and business strategic planning
  • Demonstrated possession of sound judgment, highly developed negotiation and facilitation skills and excellent communication skills.
Preferred Qualifications
  • 6+ years of supervisory experience
  • 5+ years of software development
  • Advanced working knowledge of cyber and information security standards, frameworks, technologies, control strategies, compliance practices
  • Strong verbal and written communication skills, excellent judgment and interpersonal skills
  • Experience in managing diverse security functions in a global capacity
  • Experience in delivering large, multi-faceted security programs at a global enterprise scale
  • Detailed knowledge of security domains and common security controls
  • Expertise in common system, software and web application vulnerabilities (e.g., OWASP Top 10)
  • Able to deliver quality results in a high-energy/high-pressure environment
  • Ability to multi-task and manage demands of many projects, issues, and tasks
FactSet is an Equal Opportunity Employer – M/F/Veteran/Disability/Sexual Orientation/Gender Identity
Loading ...
Loading ...

Frist: 21-11-2024

Klicken Sie hier, um sich für einen kostenlosen Kandidaten zu bewerben

Anwenden

Loading ...

ÄHNLICHE ARBEITEN

Loading ...
Loading ...