Head of Cybersecurity and IT Risk

The Technology Department at Dimensional leverages the rapidly evolving state of the art to engineer the platforms that power the innovative, research-driven financial and technical products to improve our client’s financial lives. 

As leader of the Cybersecurity and IT Risk teams, you will develop the next evolution of the Cybersecurity/Risk Program, including maturing operational capabilities, implementing new defensive strategies, building threat intelligence/management capabilities and driving down risk across the enterprise.

Responsibilities: 

• Assess, evolve and lead the Cybersecurity program to achieve appropriate levels of risk for the enterprise.

• Establish and drive a risk framework to identify areas of opportunity for further risk mitigation.

• Manage and grow a multidisciplinary team personally and professionally to meet enterprise and individual goals.

• Interface regularly with Executive Management and the Board of Directors to ensure alignment of our control portfolio and associated outcomes.

• Partner with peers in technology, legal, compliance and enterprise risk to ensure alignment of goals and outcomes.

• Ensure that we meet or exceed regulatory standards and commitments; stay informed of the ever-changing regulatory landscape. 

• Drive incident management capabilities through leadership and rigorous process.

• Measure everything.  Create visibility for executives and board members as well as operational teams.

• Report to boards, executives, and key stakeholders on our state of risk.

• Optimize operational capabilities to provide robust detection/prevention capabilities and produce actionable intelligence.

• Design/refine/implement a threat informed defense.  

Qualifications:  

• Bachelor’s degree in Computer Science, Information Systems/Technology, Cybersecurity, Risk Management, or a related field, or equivalent practical experience. Advanced degree a plus.

• 10+ years’ experience in building/managing enterprise cybersecurity/risk functions. 

• Proven track record of building and managing security subteams (engineering, operations, GRC, etc) effectively improving the security posture of an organization.

• Experience with organizational change management and a focus on managing user experience.

• Deep understanding of technology infrastructure and its role in enabling business operations.

• Experience interfacing and communicating with executives in the capacity of cybersecurity/risk responsibilities.

• Familiarity with financial/cybersecurity regulatory frameworks and responsibilities.

• Experience leading enterprise scale projects, processes/initiatives.

Preferred Competencies: 

• Certifications in one or more of the following preferred: CISSP, GSLC, GSOM, GISP, GCIL, OSCP, GSE

• Experience with international regulatory data protection and privacy standards (GDPR, DORA, etc). 

• Experience in incident management and reporting.

• Experience in the financial services industry, particularly familiarity with relevant regulatory requirements

#LI - Hybrid

Dimensional offers a variety of programs to help take care of you, your family, and your career, including comprehensive benefits, educational initiatives, and special celebrations of our history, culture, and growth.

It is the policy of the Company to provide equal opportunity for all employees and applicants.  The Company recruits, hires, trains, promotes, compensates, and administers all personnel actions without regard to actual or perceived race, color, religion, religious practice, creed, sex, sex stereotyping, pregnancy (which includes pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), caregiver status, gender, gender identity, gender expression, transgender identity, national origin, age, mental or physical disability, ancestry, medical condition, marital status, familial status, domestic partnership status, military or veteran status or service, unemployment status, citizenship status or alienage, sexual orientation, status as a victim of domestic violence, status as a victim of stalking, status as a victim of sex offenses, genetic information, political activities or recreational activities, arrest or conviction record, salary history, natural hairstyle or any other status protected by applicable law except as otherwise required or permitted by law or regulation applicable to the Company or its affiliates.