Manager, Information Security Governance & Compliance
National Football League (NFL)
New York, NY
We are seeking a dedicated and experienced Information Security Governance and Compliance Manager to join our dynamic team. The successful candidate will focus on policy management, control assurance and testing, and governance across key information security programs. They will be responsible for creating and maintaining Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) and ensuring overall compliance with our policies and procedures. This role requires a deep understanding of regulations such as PCI and HIPAA, as well as the NIST 800-53 control framework.
Key Responsibilities
Policy Management:
- Develop, implement, and maintain information security policies, standards, and procedures.
- Ensure policies are up-to-date and in compliance with regulatory and industry standards.
- Conduct regular reviews and updates to policies as necessary.
- Design and implement control assurance activities to evaluate the effectiveness of security controls.
- Perform regular control testing to ensure compliance with internal and external requirements.
- Identify gaps in controls and work with relevant stakeholders to develop remediation plans.
- Oversee governance processes for key information security programs.
- Ensure alignment with organizational goals and regulatory requirements.
- Provide guidance and support to various departments to ensure compliance with security programs.
- Develop, monitor, and report on KPIs and KRIs related to information security governance and compliance.
- Provide regular updates to senior management on the effectiveness of security controls and compliance status.
- Use metrics to drive continuous improvement in the security posture of the organization.
- Maintain a thorough understanding of applicable regulations (e.g., PCI, HIPAA) and ensure organizational compliance.
- Conduct regular compliance assessments and audits.
- Serve as a subject matter expert on compliance issues and provide guidance to the organization.
- Apply the NIST 800-53 control framework to enhance the organization's security posture.
- Ensure that security controls are mapped to relevant frameworks and standards.
- Minimum of 5 years of experience in information security governance and compliance.
- Experience with regulatory requirements such as PCI and HIPAA.
- In-depth knowledge of the NIST 800-53 control framework.
- Preferred certifications: CISSP, CISM, CRISC, or equivalent.
- Strong understanding of information security principles and best practices.
- Excellent analytical, problem-solving, and communication skills.
- Ability to manage multiple priorities in a fast-paced environment.
- Proven track record of successfully managing information security policies and compliance programs.
- Experience with Information Security risk management and assessment methodologies.
- Familiarity with various information security technologies and tools.
- Ability to effectively communicate complex security concepts to non-technical stakeholders.
- Strong project management skills and attention to detail.
- Competitive salary and benefits package.
- Opportunities for professional growth and development.
- A collaborative and inclusive work environment.
If you are a motivated and experienced information security professional looking to take on a challenging role with a leading organization, we encourage you to apply.
This job posting contains a pay range, which represents the range of salaries or hourly rates that the NFL believes, in good faith, at the time of this posting that it might be willing to pay for the posted job in the location(s) specified. The NFL expects to hire for this position near the middle of the range. Only in truly rare and exceptional circumstances, where an external candidate has experience, credentials or expertise that far exceed those required or expected for the position, would the NFL consider paying a salary or rate near the higher end of the range.
Salary
$115,000 — $145,000 USD
The NFL maintains a Flexible Workplace Policy that provides members of our workforce with opportunities to periodically work from a location of their choice while maintaining a priority on in-person work at an NFL office, which enables us to more effectively collaborate, connect, and build a workplace culture that will drive our continued success.
The NFL is committed to building a diverse, equitable, and inclusive work environment that reflects our incredibly diverse fan base. We provide an environment of mutual respect where equal employment opportunities are available to all employees and applicants without regard to status as protected by applicable federal, state, or local law.
- Seniority level: Mid-Senior level
- Employment type: Full-time
- Job function: Information Technology
- Industries: Spectator Sports