This is a hybrid role (3 days in the office/2 days remote).

About your team:

The Information Security Controls Manager works with technology, risk management, and technical cybersecurity teams to measure and drive IBKR’s security performance and develop and maintain client and regulatory trust.

This role is responsible for maintaining IBKR’s formal information security controls framework and representing IBKR’s cybersecurity controls to Information Security stakeholders outside and within the company, including audit, operational risk management, clients, and regulators.

 What will be your responsibilities within IBKR: 

Establish and maintain a formal information security controls catalog based on existing security control processes informed by regulatory requirements. Formalize IBKR’s information security controls testing framework, ensure it aligns with the Firm’s cybersecurity risk management framework, and map it to common industry frameworks, such as NIST CSF. Establish and continually improve processes to test information security controls, including through the use of automation. Manage and enhance quantitative and qualitative metrics that report on key information security control performance and risk. Continually deliver and enhance IBKR’s information security process for managing responses to security-related external assessments, audits, and examinations from clients, regulators, auditors, and other stakeholders. Maintain standard shared assessment questionnaires that describe IBKR’s cybersecurity program. Evaluate security controls, identify opportunities for improvement, and communicate specific, constructive recommendations that move IBKR’s information security program forward. Other duties, as assigned.

Which skills are required:

3+ years of experience responding to client due diligence questionnaires, audit requests, and regulatory exam requests. 5+ years of experience in Information Security. Prior experience working with GRC tooling, with automation and continuous compliance a plus. A working familiarity with common security frameworks and standards, including the NIST Cybersecurity Framework (CSF). Knowledge of cybersecurity regulations, including DORA and guidance issued by MAS, SFC, CFTC, FINRA and other regulators. Prior experience as a security risk assessor is a plus. Experience in utilizing industry-accepted practices to meet regulatory expectations. Proven track record of delivering results while collaborating with colleagues outside of the security team. Experience building a cross-functional team as an individual contributor. Familiarity with spreadsheets, including advanced functionality. An open, collaborative, client-centric, problem-solving mentality. Superior verbal and written communication skills. Superior critical thinking, analytical, and organizational abilities. Ability to exercise good judgment when solving problems with incomplete information. Bachelor’s degree in Information Security, Computer Science, Information Technology or a related field.

To be successful in this position, you will have the following:

Self-motivated and able to handle tasks with minimal supervision. Superb analytical and problem-solving skills. Excellent collaboration and communication (Verbal and written) skills. Outstanding organizational and time management skills. Company Benefits & Perks Competitive salary, annual performance-based bonus and stock grant Retirement plan 401(k) with a competitive company match Excellent health and wellness benefits, including medical, dental, and vision benefits, and a company-paid medical healthcare premium. Wellness screenings and assessments, health coaches and counseling services through an Employee Assistance Program (EAP) Paid time off and a generous parental leave policy Daily company lunch allowance provided, and a fully stocked kitchen with healthy options for breakfast and snack Corporate events, including team outings, dinners, volunteer activities and company sports teams Education reimbursement and learning opportunities Modern offices with multi-monitor setups