Skip Navigation

AVP, IT Risk & Information Security

  • New York, NY
  • Full Time

Apply for the AVP, IT Risk & Information Security position

"*" indicates required fields

Max. file size: 10 MB.
Drop files, or upload here
Madison-Davis is committed to protecting and respecting your privacy, and we will only use your personal information to contact you regarding the services you requested from us. Your contact information will not be shared or sold to third parties for marketing purposes. We would like to contact you about our products and services, as well as other content that may be of interest to you; messaging frequency will vary based on hiring needs and opportunities. If you consent to us contacting you for this purpose, please check the box below.
I agree to receive communications from Madison-Davis
You may unsubscribe from these communications at any time by replying STOP. You may also text HELP for more information. Mobile messaging and data rates may apply.
This field is for validation purposes and should be left unchanged.

Office Status: Hybrid
Salary: $100,000 to $140,000


  • Responsible to develop and maintain all IT and Cybersecurity local procedures for NY/LA branches based on US regulatory requirement and THE BANK Policies & Standards include but not limited to Information Security Policy and Cyber Security Strategy, associated standards and guidance pertaining.
  • Development of Business Continuity, Incident Response Strategy and plans.
  • Identify strengths and weaknesses in the Information Security Program as they relate to privacy, security, business resiliency and compliance frameworks to detect, prevent and react to current and emerging information security threats
  • Prepare for IT related risk assessments and gap analysis against internal controls and regulatory requirements.
  • Updating IT management of any new regulatory requirements, and/or any newly identified IT risk on regular basis.
  • Working with Head Office Risk Control & Governance, Operational Risk Management, and Compliance staff on implementing enhancement of risk management initiatives.
  • Advise on and challenge control matters as needed from a 1.5 line of defense perspective.
  • Respond to incidents including suspected cybersecurity incidents according to incident response plan and playbooks.
  • Oversight of KRI reporting and review indicators healthiness and, provide regular update to US IT Committee and relevant oversight committee in Head Office.
  • Support and assist with NY/LA branch audits and facilitate management response and remediation efforts. Ensure overall IT compliance with regulatory requirements through proactive planning and communication and ownership.
  • Participate in IT governance related meetings and articular IT risk control issues to ITG management and branch

  • Coordinate internal and external parties to conduct security assessment (such as Red/Blue/Purple team and penetration test) based on regulatory requirement.
  • Based on THE BANK head office requirements to organize security awareness education program and necessary trainings for US branches to promote the security cultures.
  • Ad-hoc task or projects assigned by IT management and head office related to Information Security.