Head of Information Security

Focuses on global investment strategies including Global Credit, Global Convertible, Volatility & Capital Structure Arbitrage, Event-Driven Investing, Equity Long/Short & Capital Markets Trading, and Global Quantitative Trading. We are seeking an experienced Head of Information Security to lead our cybersecurity initiatives, with a strong focus on safeguarding our systems and data. The ideal candidate will have a deep background in cybersecurity within the financial services sector, particularly on the buy-side, and be adept at aligning security measures with business objectives. This role involves strategic planning, risk management, and the implementation of advanced threat detection and response strategies to protect against sophisticated cyber threats.

Responsibilities:

Strategic Leadership and Security Architecture: Develop and execute a comprehensive information security strategy that incorporates the latest in security technologies and methodologies. Provide direction on security architecture design to ensure robust defense mechanisms are in place across all systems and platforms.
Threat Management Platforms: Implement and maintain state-of-the-art threat management platforms to monitor, detect, and neutralize cyber threats in real-time. Ensure these platforms are seamlessly integrated into our existing infrastructure for optimal performance and protection.
Threat Detection Solutions: Deploy advanced threat detection solutions, utilizing AI and machine learning technologies where applicable, to identify and mitigate potential security breaches before they occur.
Managed Detection and Response (MDR) & Security Information and Event Management (SIEM): Collaborate with managed services to enhance our MDR and SIEM capabilities, ensuring rapid response to security incidents and continuous monitoring of our network and systems.
Security Configuration and Policy Development: Regularly review and update security configurations and policies to comply with evolving regulations and best practices. Lead the development and enforcement of security policies, standards, and guidelines.
Risk Management and Compliance: Conduct comprehensive risk assessments and ensure compliance with all relevant regulations (e.g., GDPR, CCPA, SEC). Implement effective risk management strategies to mitigate identified risks to an acceptable level.
Incident Response and Remediation: Lead incident response efforts with a clear protocol for investigation, containment, eradication, and recovery. Ensure lessons learned are integrated into future security strategies to prevent recurrence.
Stakeholder Engagement and Team Leadership: Communicate complex security strategies and risks to non-technical stakeholders, fostering a culture of security awareness. Build and mentor a high-performing information security team focused on innovation and excellence.
Tabletop Exercises, Internal/External Pen Testing, and Phishing Simulations: Organize regular tabletop exercises, conduct both internal and external penetration testing, and run phishing simulations to evaluate security posture, enhance incident response capabilities, and educate the workforce on cybersecurity threats.

Requirements:

• Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field or equivalent experience. Professional security certifications (CISSP, CISM, CISA) preferred.
• At least 10 years of cybersecurity experience within the financial services industry, with a minimum of 5 years in a leadership role. Experience on the buy-side is highly desirable.
• Expertise in implementing and managing threat management platforms, SIEM, and MDR solutions.
• Familiarity with cloud security, encryption technologies, and the latest cybersecurity trends and tools.
• Strong leadership abilities, with experience managing cross-functional teams and projects.
• Excellent communication skills, with the ability to articulate complex security issues to a broad audience.