What are the responsibilities and job description for the Information Security Risk Specialist position at Bessemer Trust Company, N.A.?
Job Summary:
Reporting to the Information Security Risk Manager, the Information Security Risk Specialist is a highly collaborative role with primary responsibility for identifying risks across Bessemer's information technology and information security programs and recommending appropriate and effective solutions that align with business goals. The Information Security Risk Specialist will work with the Information Security Risk Oversight Manager to establish robust procedures for oversight and ongoing monitoring of these risks. Relevant risk factors may include the risk of a system failure or loss of data as well as reputational risk and regulatory compliance.
Responsibilities will include:
- Perform comprehensive IT and security risk assessments, monitor vulnerabilities, and develop actionable risk metrics and dashboards.
- Execute security-risk-related projects and programs, such as updating security policies and standards and participating in security awareness programs.
- Monitor current and proposed laws, regulations, industry standards, and ethical requirements related to Information Security and Privacy
- Work with the Information Security Risk Oversight Manager and the CISO to oversee a framework and methodology for completion of contingency plans by internal business units.
- Interface with Internal and External Auditors and Regulators
- Familiarity with maximizing the use of Governance Risk and Compliance automation software
- Establish protocols for the reporting and escalation of any security, privacy, or identity theft incidents, as appropriate.
- Work closely with Information Technology, Compliance, Legal and other business units to integrate compliance requirements into technology/information security related projects and business processes
Qualifications:
- Bachelor's degree
- 3-5 years of experience in information technology security, risk management, audit, or compliance
- Preferred certifications include at least one of the following: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC)
- Experience with technology risks and controls and deploying information governance, information technology risk management, compliance, information security, or privacy programs required
- Knowledge of information security risk management and IT controls frameworks and methodologies (e.g. NIST CSF, ISO/IEC 27005, ISO/IEC 27001 and/or ISO/IEC 27002)
- Familiar with project management best practices, including planning, execution, monitoring, and risk management to ensure successful project delivery.
- Exposure to and familiarity with relevant standards such as the Gramm-Leach-Bliley Act (GLBA), the Office of the Comptroller of the Currency's (OCC) Cybersecurity Supervision Work Program (CSW), the Federal Financial Institutions Examination Council (FFIEC) Information Technology (IT) Handbooks, and applicable laws related to regulatory compliance, information security and privacy
- Familiar with Risk Management Principles (risk avoidance, transfer, mitigation, acceptance), and Risk Assessment process.
- Understanding of key technology concepts such as access control, confidential data, encryption, business continuity, and security monitoring tools
- A strong knowledge of IT organization business processes and systems including IT security, data management, architecture and planning, technology life cycle management, continuous audit, regulatory concerns and FFIEC examination materials
- Understanding of risk management functions, including technical standards (preferably CIS) and their implications
- Excellent oral and written communication skills to collaborate with employees at all levels of the organization
- Highly organized with ability to prioritize in a fast-paced environment
- Advanced computer skills and proficiency in Microsoft Office products
- Solid problem-solving skills and the ability to be highly productive, both working independently and as part of a team.
About Bessemer Trust:
Bessemer Trust is a leading multifamily office, overseeing more than $200 billion in assets for over 3,000 individuals and families of substantial wealth. Its 1,200 employees are singularly focused on private wealth management — disciplined investment management, sophisticated wealth planning, comprehensive family office services, and highly personalized client service. Established in 1907 as the family office for Annie and Henry Phipps, Bessemer Trust is in its seventh generation of ownership by the Phipps family. As a self-made entrepreneur, Henry Phipps was a founding partner and chief financial officer of Carnegie Steel. Bessemer Trust retains its original focus as a privately owned and independent wealth manager deeply committed to its mission of providing peace of mind to its clients. Bessemer's adherence to putting clients' interests first, fiduciary mindset, and highly collaborative culture are at the heart of everything the firm does.
- For more than 117 years, Bessemer Trust has operated continuously in a single line of business, independently owned by one family.
- Headquartered in New York's Rockefeller Center, Bessemer Trust has 22 offices in total. Woodbridge, NJ, is one of the firm's largest offices, which hosts a wide range of technology and operations professionals. In addition to its sizable presence in New York and Woodbridge, the firm provides client service through offices in Atlanta, Boston, Chicago, Dallas, Delaware, Denver, Garden City, Grand Cayman, Greenwich, Houston, Los Angeles, Miami, Naples, Nevada, Palm Beach, San Diego, San Francisco, Seattle, Stuart, and Washington, D.C.
About Our Employee Rewards and Benefits:
We provide exceptional rewards and benefits that are among the best in the industry, giving our people access to a wide range of options, including:
- Competitive base salary plus discretionary annual bonus for select positions
- A 401(k) plan with a generous annual profit-sharing contribution
- Personalized development and career opportunities, including tuition reimbursement support
- Comprehensive medical, dental, and vision plans with zero contributions for employee coverage
- Employee assistance (EAP) and wellness programs
- Hybrid work environment: 60% in office, 40% remote for most positions
- Paid time off and paid parental leave
- Employer-paid life insurance and short- and long-term disability coverage
- Legal services and financial wellness plans at no cost to employees
Bessemer Trust is committed to creating a diverse and inclusive environment and is proud to be an equal opportunity employer. We encourage candidates of diverse backgrounds to apply.