IT/IS Policy and Standards Framework Lead

  • Competitive
  • Jersey City, NJ, USA
  • Permanent, Full time
  • New York Life Insurance Company
  • 21 Oct 17

New York Life Insurance Company ("New York Life" or "the company") is the largest mutual life insurance company in the United States*. Founded in 1845, New York Life is headquartered in New York City, maintains offices in all fifty states, and owns Seguros Monterrey New York Life in Mexico.

New York Life is one of the most financially strong and highly capitalized insurers in the business. The company reported 2016 operating earnings of $1.954 billion. Total assets under management at year end 2016, with affiliates, totaled $538 billion. As of year-end 2016, New York Life's surplus was $23.336 billion**. New York Life holds the highest possible financial strength ratings currently awarded to any life insurer from all four of the major ratings agencies: A.M. Best, A++; Fitch AAA; Moody's Aaa; Standard & Poor's AA+. (Source: Individual Third Party Ratings Report as of 8/17/16).

Financial strength, integrity and humanity - the values upon which New York Life was founded - have guided the company's decisions and actions for over 170 years.

The IT / IS - Policy and Standards Framework Specialist is primarily responsible for managing a team of individuals to develop, maintain and revise Information Technology and Information Security Policies and Standards. This includes establishing the overall governance and oversight function for Policy and Standards development. Further, this individual will also help address compliance concerns raised by the line of business technology and security teams. It includes establishing and/or enhancing the Policy / Exception variance process when there are instances of non-compliance.


  • Establishing and standardizing the enterprise wide IT / IS Policy and Standards program
  • Manage the IT Risk Management policy and framework against the existing risk and controls framework
  • Responsibilities include analyzing the existing policies and standards to identify gaps and improvement opportunities
  • Standardizing and streamlining policy and standards content where possible
  • Develop, maintain and refresh Risk Management policies and taxonomies on a periodic basis
  • Partner with the various technology leads and SMEs in developing and enhancing standard content
  • Socialize standards and act as the liaison for technology stakeholders requiring guidance and additional clarification
  • Developing, implementing and maintaining the governance processes for Risk Acceptances and non-compliance with Enterprise policies and standards
  • Identifying and implementing a tool to manage and recertify IT / IS policies on a go-forward basis

  • BA/BS required in Computer Information Systems, Business, Finance, or related field
  • CISSP, CISM, CRISC, CISA preferred
  • Broad risk management and/or consulting experience
  • Understanding of key industry control frameworks (NIST Cyber Security Framework, COSO, COBIT, ISO 27000, etc.).
  • Moderate level knowledge and understanding of systems architecture, infrastructure, security and applications
  • Ability to interpret and understand IS policies and standards
  • Prior experience in managing teams in a direct or matrix capacity
  • Ability to define the Policy and Standards strategy and help implement that strategy
  • This individual requires strong personal, communication, writing and organizational skills as they will be working closely with technology stakeholders across the organization.



* Based on revenue as reported by "Fortune 500, ranked within Industries, Insurance: Life, Health (Mutual)," Fortune Magazine, June 17, 2016. See for methodology.
** Total surplus, which includes the Asset Valuation Reserve, is one of the key indicators of the company's long-term financial strength and stability and is presented on a consolidated basis of the company.

1. Operating earnings is the key measure used by management to track the Company's profitability from ongoing operations and the underlying profitability of the business. This indicator is based on generally accepted accounting principles in the US (GAAP), with certain adjustments the Company believes to be appropriate as a measurement approach (non-GAAP), primarily the removal of gains or losses on investments and related adjustments.

2. Assets under management represent Consolidated Domestic and International Insurance Company Statutory assets (cash and invested assets and separate account assets) and third party assets principally managed by New York Life Investment Management Holdings LLC, a wholly owned subsidiary of New York Life Insurance Company.