Experienced Information Security Manager – Technology Risk & Compliance Oversight (GRC)

---

About arenaflex

At arenaflex, we believe in powering connections and creating meaningful experiences for our customers worldwide. As a globally recognized financial services leader, we are committed to delivering exceptional service while maintaining the highest standards of security, integrity, and compliance. Our mission is to create a secure and resilient operating environment that protects our customers, employees, and stakeholders in an increasingly digital world.

The Governance, Risk, and Compliance (GRC) team at arenaflex plays a pivotal role in ensuring that our organization operates safely and responsibly within regulatory expectations. In today's rapidly evolving digital landscape, technology risk management has become a critical priority at the highest levels of executive leadership. Cyberattacks and security threats continue to escalate in frequency and sophistication, making robust risk oversight more important than ever before.

Position Overview

We are currently seeking a highly skilled and experienced Information Security Manager to join our second-line technology risk oversight team within the GRC function. This role reports directly to the Chief Risk Officer (CRO) and offers a unique opportunity to work alongside a diverse team of talented professionals who are responsible for building our technology risk management program and providing independent risk oversight across technology, cybersecurity, and business continuity management domains.

This is an exceptional career opportunity for professionals who are passionate about cybersecurity, risk management, and compliance. You will play a crucial role in independently assessing and reporting on risks while providing a comprehensive view of total risk exposure to senior management, risk management committees, the Board of Directors, and regulatory bodies.

Key Responsibilities

As an Information Security Manager at arenaflex, you will be responsible for the following core functions:

• Lead independent, proactive risk management and oversight of technology, cybersecurity, and business continuity management risks generated within business processes or arising from the use of technology solutions
• Perform data-driven reviews focused on technology processes, cybersecurity controls, and business continuity management risks to identify gaps and improvement opportunities
• Conduct exploratory data analysis on large sets of structured data using SQL, Python, and Excel to develop meaningful insights on cybersecurity and technology-related information
• Develop and enhance data-driven key risk indicators (KRIs) and key performance indicators (KPIs) that provide real-time insights into risk and performance trends across the organization
• Learn technology, cybersecurity, and business continuity management processes at arenaflex, demonstrating strong interest and readiness to present effective valid assessments to stakeholders
• Stay current with relevant regulations, guidelines, and industry standards including OCC Enhanced Standards, FFIEC IT booklets, COSO, COBIT, ISO 27001, FAIR, and NIST RMF frameworks
• Support the design of independent technology risk oversight programs that define integration with various risk management programs including Process Risk Self Assessments, Business Continuity Management, New Product Approval, and Mergers & Acquisitions
• Collaborate effectively with key stakeholders across lines of business and lines of defense to ensure risks are managed effectively and efficiently according to company policies and applicable regulatory requirements
• Communicate risk findings and recommendations clearly to senior management, risk committees, and board-level audiences
• Challenge conventional thinking by actively engaging in constructive dialogue to improve risk management practices

Essential Qualifications

To be considered for this role, candidates must meet the following requirements:

• Bachelor's degree in a related field such as Computer Science, Information Systems, or equivalent professional experience
• Minimum 5 years of experience in risk management across any of the three lines of defense (first line, second line, or third line)
• Demonstrated ability to identify risks, analyze issues, and derive meaningful insights about risk trends by conducting interviews and examining large volumes of data
• Strong knowledge of infrastructure, cloud security, cyber threat intelligence, and cyber incident response areas
• Excellent analytical skills with high attention to detail and accuracy
• Proficiency in at least one data mining/big data analytics tool such as Microsoft Excel (Pivot Tables), SQL, SAS, Python, or R
• Strong critical thinking and problem-solving skills with the ability to synthesize complex information
• Self-motivation and ability to work with minimal supervision while meeting deadlines
• Excellent verbal, written, and interpersonal communication skills with the ability to present technical concepts to non-technical audiences
• Ability to challenge traditional thinking by actively engaging in constructive dialogue with stakeholders at all levels

Preferred Qualifications

Candidates with the following qualifications will be given preferential consideration:

• Educational background in Computer Science or Information Systems
• Experience in risk management across cybersecurity, information technology, third-party risk, and business continuity management
• Industry certifications such as CISM, CISA, CRISC, or CISSP
• Cloud security certifications including CCSK, CompTIA Cloud+, CCSP, or Azure Security
• Understanding of risk assessment methodologies, techniques, and industry standards including COSO, COBIT, ISO 27001, FAIR, or NIST RMF
• Knowledge of relevant policies and regulations including OCC Enhanced Standards and FFIEC IT booklets
• Experience with Governance, Risk, and Compliance (GRC) tools

Career Growth and Development

At arenaflex, we are committed to the professional development and career growth of our employees. As an Information Security Manager, you will have access to numerous opportunities for advancement and skill development:

• Leadership Development Programs designed to prepare high-potential employees for senior management roles
• Continuous Learning Opportunities including formal training, certifications, and professional development courses
• Exposure to Executive Leadership with regular interaction with C-suite executives and board-level committees
• Cross-functional Collaboration working with diverse teams across technology, cybersecurity, legal, and business units
• Industry Recognition through participation in industry conferences, working groups, and professional associations
• Career Path Advancement with potential progression to Senior Manager, Director, or Chief Information Security Officer roles

Work Environment and Culture

arenaflex fosters an inclusive, collaborative, and innovative work environment where diverse perspectives are valued and celebrated. Our culture is built on the following core principles:

• Integrity and Trust - We operate with transparency, honesty, and ethical behavior in everything we do
• Customer Centricity - We are committed to delivering exceptional value to our customers and stakeholders
• Teamwork and Collaboration - We believe in the power of working together to achieve common goals
• Innovation and Excellence - We embrace change and continuously seek better ways to solve problems
• Work-Life Balance - We support our employees' well-being with flexible work arrangements and comprehensive wellness programs

Our GRC team is composed of diverse and talented professionals who are passionate about protecting the organization and ensuring compliance with regulatory requirements. You will have the opportunity to work with industry experts, participate in meaningful projects, and contribute to the overall security posture of the organization.

Compensation and Benefits

arenaflex offers a competitive compensation package that includes:

• Competitive Salary commensurate with experience and qualifications
• Annual Bonus Program to reward performance and contributions
• Comprehensive Health Benefits including medical, dental, and vision coverage
• Retirement Savings Plan with company matching contributions
• Paid Time Off including vacation, personal days, and holidays
• Professional Development Reimbursement for certifications, training, and education
• Employee Assistance Program for personal and professional support
• Various Employee Perks and discounts on products and services

How to Apply

If you are a motivated professional with a passion for cybersecurity, risk management, and compliance, we encourage you to apply for this exciting opportunity at arenaflex. This is your chance to join a world-class team and make a meaningful impact on the organization's security posture.

To apply, please submit your updated resume and cover letter highlighting your relevant experience and qualifications. Our recruiting team will review all applications and contact qualified candidates for further consideration.

Join arenaflex today and become part of a team that values excellence, integrity, and innovation. We look forward to receiving your application!