Cyber Risk Management Lead

New York, New York, United States

Share with: Facebook Twitter Send to a friend

The mission of Two Sigma is to find value in the world's data. At our core we are a technology business. We use vast data sets from over a thousand diverse sources, advanced machine learning techniques, and scientific approaches to find critical connections that help drive the world's economy, safeguard the retirement savings of millions of people, and fund groundbreaking research.

At Two Sigma we fully embrace our "Nice Geeks" culture. Our facilities are designed to encourage people to come together and share ideas. Our personnel are rewarded for cross group collaboration and driving innovation. We also embrace fun and encourage play because we know giving our brains activity outside of our core jobs helps us be more creative and gain new insights that are relevant to our daily tasks.

Because we are looking for radical, novel, unique, inspiring solutions, we place a high premium on diversity. We need people who see the world from angles we don't, so we can ensure that our solutions are the best possible, for the greatest number of people possible. We also know that embracing diversity of all kinds leads to inspiration, which leads to innovation, which allows us to change the world. If you are passionate, and interested in joining us on this adventure, we would love to meet you.

The Two Sigma Cyber team is focused on pushing the boundaries of what is possible when we reevaluate traditional assumptions and embrace modern technology. Whether we are unlocking the potential of quantitative analysis, pushing the limits of zero trust, driving cloud infrastructure to new heights, or developing our own solutions to common authentication and authorization challenges, we embody a culture of proactive and transparent, innovation.

The Cyber Risk Management Lead will report to the manager for Incident Response and Investigations  and will partner directly with the manager for Security Infrastructure & Operations, manager for Security Architecture, manager for Cloud Security, the Two Sigma Compliance team, Engineering Group Leads, the Security Risk and Governance Committee, and the Chief Risk Officer. In a typical day, this role may:

  • Act as a personnel manager for the Cyber Risk Team;

  • Conduct internal audits of the cyber risk posture of Two Sigma systems;

  • Engage with external auditors;

  • Coordinate meetings and drive the agenda of the Security Risk and Governance Committee;

  • Prioritize and drive remediation of identified risks;

  • Drive improvements to security capabilities;

  • Partner on automation of risk signal; and

  • Partner on modeling and quantitative analysis of risk based on automated signals.

This role will be responsible for managing the Cyber Risk Management program at Two Sigma. The objective of the Cyber Risk Management program is to understand the current risk posture of Two Sigma and to guide investment/innovation to improve the risk posture of the firm. Successful execution of this program should eventually result in a real-time understanding of risk, threat analysis, and countermeasure effectiveness with strong signal fidelity. Outputs of the program should inform engineering and budget priorities across the firm.

This role will have the ability to influence the security state of Two Sigma, engineering priorities across the firm, investor confidence in the firm, and risk management practices across the industry and cyber security community at large.

Requirements to Apply for the Role:

  • Five years of experience working in some combination of cyber security risk management, cyber security auditing (internal or external), and/or cyber security consulting.

  • Two years of experience managing a team of personnel focused on cyber security risk management, cyber security auditing, and/or cyber security consulting.