Security Governance Specialist

ABOUT CFM

Founded in 1991, we are a global quantitative and systematic asset management firm applying a scientific approach to finance to develop alternative investment strategies that create value for our clients.

We value innovation, dedication, collaboration, and the ability to make an impact. Together, we create a stimulating environment for talented and passionate experts in research, technology, and business to explore new ideas and challenge existing assumptions.

ABOUT THE POSITION

CFM is gearing up for a transformative year as we head into 2025, marking a significant acceleration for our company.

To meet the evolving demands of the research department, we are dedicated to making substantial investments in cutting-edge technological initiatives. The meaningful integration of advanced technologies, such as generative AI and cloud solutions, is at the core of our transformation strategy. Simultaneously, we are enhancing our security infrastructure to ensure the safe and optimized use of these advanced technologies.

We are seeking a motivated IT Security Governance Specialist to join our Information Security team. Reporting directly to the CISO, you will manage and enhance our security controls, conduct audits, perform risk assessments, evaluate benchmark frameworks (e.g., CIS, NIST), and assess the security posture of third-party providers.

Key Responsibilities:

• Develop and maintain a comprehensive security governance framework.

• Conduct manual reviews of security controls to ensure compliance with internal policies and external standards.

• Plan and execute internal audits to assess control effectiveness and identify vulnerabilities.

• Perform risk assessments and help develop mitigation strategies.

• Evaluate and implement benchmark frameworks (e.g., CIS, NIST) to align with industry best practices.

• Review third-party service providers to ensure adherence to our security requirements.

• Collaborate with cross-functional teams to synchronize security initiatives with business objectives.

• Document findings, generate reports, and support the implementation of improvements.

• Monitor security trends, technological advancements, and regulatory changes.

• Assist in refining security policies, procedures, and standards.

Required Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or related field. Relevant certifications (CISSP, CISM, CRISC) are a plus.

• Proven experience in IT security governance, risk assessments, or compliance.

• Solid understanding of frameworks (CIS, NIST) and regulatory standards.

• Experience with internal audits, control reviews, and vendor security assessments.

• Strong analytical, problem-solving, and documentation skills.

• Excellent communication and interpersonal skills.

• Ability to work independently and within a multi-national team environment.

Preferred Qualifications:

• Experience with automated security tools and monitoring, and governance risk

• Fluency in English, French is a plus

EQUAL OPPORTUNITIES STATEMENT

We are continuously striving to be an equal opportunity employer and we prohibit any discrimination based on sex, disability, origin, sexual orientation, gender identity, age, race, or religion. We believe that our diversity, breadth of experience, and multiple points of view are among the leading factors in our success.
CFM is a signatory of the Women Empowerment Principles.

FOLLOW US

Follow us on Twitter or LinkedIn or visit our website to find out more about CFM.