Chief Information Security Officer

Job ID: 2016-1172
Category: Technology
Location: Jersey City, NJ

Overview

About Lord Abbett:

 

Founded in 1929, Lord Abbett is an independent firm with a singular focus on the management of money. Over the course of our history, we’ve earned a sterling reputation for our leadership, influence, and innovation in the asset management industry. Today, our independent perspective, our commitment to active management, and our intelligent product design continue to make us relevant to individual and institutional investors.

 

From the very beginning, we’ve recognized that our people are our greatest asset. As an investment-led, investor-focused firm, we value intellectual curiosity, teamwork, and collaboration across the organization.

 

We’re looking for people with a keen interest in working for a trusted leader in the asset management industry, a desire to expand their knowledge, and a passion for delivering a client experience that exceeds expectations.

 
Now that you know our history, are you ready to be a part of our future?

 


Job Overview:

 

The chief information security officer (“CISO”) is responsible for maintaining, enhancing and overseeing an information security program for Lord Abbett, including the governance, management, and advising on or coordinating, as appropriate, the information security efforts across the organization. This position reports to the Chief Information Officer and will be a member of the Information Security Management Leadership team. Working with senior management and the General Counsel in the Legal Department, the CISO will maintain and enhance, as needed, a firm-wide information security strategy and vision. The CISO oversees the maintenance and enhancement of information security policies and procedures, leads security risk assessment efforts, and drives information security awareness and training programs. He or she also advises and collaborates on development of business continuity and disaster recovery plans, audit, vendor management, and regulatory compliance practices. The candidate will work closely with the CIO, technology security partners, and business stakeholders to ensure that Lord Abbett’s information security program follows industry best practices, SEC, FINRA, NFA, and other regulatory and legal requirements, and aligns with company business objectives.

Responsibilities

The CISO will provide leadership and work in partnership with the business and individuals across Lord Abbett to maintain and enhance security policies and procedures, assess security risk, and establish strategic direction. The CISO will be responsible for maintaining and enhancing existing standards and practices to manage the confidentiality, integrity and availability of assets and data. The CISO will oversee the governance and management of the information security program, and will advance its overall mission to identify and mitigate any information security-related risks that could potentially create inappropriate exposure to Lord Abbett’s business or its clients’ data.

 

Specific Responsibilities include, but are not limited to:

  • Provides risk assessments, risk reports, strategy and operating model, program updates, and advises the Risk Management Steering Committee on all matters pertaining to information security and their potential impact on Lord Abbett
  • Accountable for the maintenance, enhancements, and monitoring of a strategic, risk management based, information security program to ensure the availability, integrity and confidentiality of information across Lord Abbett and at its service providers
  • Collaborates with the Chief Privacy Officer on maintaining, enhancing, and monitoring the Lord Abbett identity theft program.
  • Provides leadership in the analysis and discussion of security policies, standards and practices, and guides the acquisition of advanced security controls
  • Responsible for employee information security education and awareness
  • In conjunction with colleagues from Legal and Compliance, evaluates and disseminates regulatory information security rules, laws, and best practices, and collaborates with internal and external counsel as needed
  • Collaborates with the Vendor Management Committee on identifying and addressing 3rd party service provider security risks
  • Responsible for threat intelligence and information sharing activities through participation in industry security groups and collaborates with internal technology partners
  • Evaluates security risk and acts expeditiously in making decisions and recommendations, while considering the business impact
  • Leads and coordinates, internally and externally, responses to security incidents, providing timely reports during the incident and remediation, as well as proposing solutions to anticipate, prevent, or mitigate future incidents
  • Creates or enhances security policies, standards, processes and procedures
  • Responsible for maintaining and enhancing, as applicable, the Firm’s Incident Response Policy and protocol
  • Collaborates with senior business representatives in the RIM Committee to develop and review new security policies relevant to changing conditions and priorities
  • Enhances and maintains information security risk mitigation plans, including leading the security incident response team in prevention, investigation, mitigation and reporting activities
  • Oversees outside consultants for independent security audits, engagements and monitoring, including regular penetration and vulnerability testing
  • Stays up-to-date on information security and safety protocols
  • Balances information security needs with the organization's strategic business plan, identifies risk factors with evolving business plans, and proposes mitigating solutions
  • Collaborates with Human Resources and Operations on best practices for physical security
  • Provides information security program updates and risk assessments and analysis to Lord Abbett senior management and external constituencies, including fund boards, consultants, and clients
  • Performs other duties as assigned

Qualifications

  • Certification as a Certified Information Systems Security Professional (CISSP), Certified Chief Information Security Officer (CCISO), or Certified Information Security Manager (CISM)
  • Knowledge of information security frameworks and standards, such as NIST and ISO 27002
  • Demonstrated experience with information security policy and governance
  • Demonstrated leadership experience as evidenced by successful program adoption in the asset management or finance space.
  • Demonstrated accomplishments in program leadership, policy development, management, and risk assessments
  • Demonstrated strong interpersonal and communications skills, plus the ability to achieve goals through influence, collaboration and cooperation
  • Demonstrated ability to work with senior management and technology partners
  • Knowledge of incident response planning and forensics investigations
  • Integrity and high standards of personal and professional conduct
  • Demonstrated knowledge of data classification and protection strategies / controls, including data leakage and monitoring best practices
  • Strong knowledge of regulatory rules and standards that govern information security practices in the financial services industry, such as SEC, FINRA, CFTC/NFA, and state and federal privacy laws
  • Strong written and oral communication skills, including the ability to interact directly with business partners who do not have a security background

 


Preferred Qualifications:

  • Advanced degree in the field of information security or security studies
  • Direct experience in information security risk management and governance
  • 10+ years of experience with information security policy and program management
  • 5+ years of demonstrated CISO leadership experience
  • Experience working in the financial services industry, preferably for an asset management company

 

 

Lord Abbett is an equal employment opportunity employer.  We are committed to providing equal employment opportunities to all qualified individuals without regard to the following legally protected characteristics: race, color, religion, sex, pregnancy, national origin, age, physical or mental disability, marital status, sexual orientation, sexual identity, caregiver status, military/veteran status, or any other characteristic protected by local, state or federal law.   All employment decisions at Lord Abbett are based solely on the applicant’s relevant experience, skills and qualifications.
