Chief Information Security Officer

Why Great Gray?

At Great Gray Group, we strive to set the bar for the retirement services industry. Our goal is to deliver advanced retirement solutions that combine our core fiduciary services with robust investment options, innovative technology, and dedicated client service. We focus on making choices clearer, transitions smoother, and the client experience more delightful. Complacency isn't in our vocabulary. Every day, we look for opportunities to better serve our clients, be an excellent business partner, and earn the trust of those who rely on us. 

The Role

Great Gray is looking to add a Chief Information Security Officer (CISO) to our Technology Team.  The CISO is both a strategic and tactical leader tasked with the critical responsibility of safeguarding the organization's information assets. This role encompasses a broad spectrum of duties that include establishing and maintaining the cybersecurity governance framework to ensure that policies and practices are aligned with business objectives and regulatory requirements. The individual in this role will be instrumental in identifying, evaluating, and mitigating cybersecurity risks, thereby ensuring the integrity, confidentiality, and availability of information. They will lead the development of risk management strategies and compliance activities, ensuring that the organization's cybersecurity posture is robust and resilient against emerging threats.

Location

This position will be remote. Candidate may work where they live anywhere in the United States.

Visa sponsorship or transfer of an existing visa is not available for this position. Applicants must be authorized to work directly for any employer in the United States without visa sponsorship or transfer.

• Act as a central point of contact for Great Gray’s Information Security Management
• Work with the business and technology partners to achieve goals and objectives in a secure manner with a heavy forward lean on modern software and technology architectures.
• Lead and execute proactive Information Security practices across the organization and within the technology team covering Infrastructure Platform Security, Application Security, Resiliency, Data Security, Network Architecture and Design, and User Access Management
• Serve as an expert in Great Gray’s Information Security capabilities, architecture solutions, policies, procedures and standards
• Partner with various functional leaders to provide technical and cybersecurity architectural leadership, where necessary to drive innovative solutions that help improve security
• Escalate and manage cyber security risk
• Provide ad hoc support on special Information Security hot topics for the business
• Provide regular updates to executive leadership with your line of business on the overall Information Security health and risk environment
• Complete other related duties as assigned
• Manage 3rd party firms responsible for providing information security services to Great Gray
• Manage the strategic client information security vendor risk management due diligence process
• As needed, provide senior level information security acquisition due diligence
• Provide information security subject matter expertise as it relates to data privacy regulatory compliance

• Undergraduate degree in IT related field such as Computer Science, Information Systems, or Engineering
• 12+ years of related IT process experience with a deep understanding of cybersecurity principles, risk management, and compliance frameworks
• Previous internal audit experience, external audit experience or SOX and risk assessment experience
• Professional certifications such as AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP)
• 5+ years experience in the financial services industry
• 5+ years experience with Application Security, Threat Modeling, Penetration Testing or Vulnerability Management
• Ability to navigate complex regulatory landscapes, and a commitment to continuous improvement in the face of a rapidly evolving cybersecurity environment
• Demonstrated strong problem-solving and analytical skills is critical
• Strong leadership skills with the ability to work with and influence people at all levels across the enterprise
• Great attention to details with the ability to understand impacts to the broader organization
• Effective time management and prioritization
• Ability to work within tight time constraints and multiple priorities
• Excellent verbal and written communication skills
• Excellent interpersonal skills, teamwork, and collaboration
• Ability to thrive in a fast-paced, dynamic environment and manage multiple priorities effectively
• Comfortable navigating ambiguity
• Entrepreneurial mindset to bring best practice ideas to the team
• Exhibits our Great Gray attributes: Results-Driven, Innovative, Resilient, and Decisive

Benefits

We have a comprehensive and competitive benefits package at Great Gray. Some of the highlights are:

·       Be an integral part of an early-stage, high-growth organization!

·       Hybrid work environment

·       Competitive compensation package including 401(k) with elective and non-elective match opportunities

·       Lifestyle spending allowance program

·       Medical, Dental, Vision Insurance

·       Employer-paid life and disability insurance

·       Generous paid time off program

Company Background 

Great Gray is the leading independent provider of trustee and administrative services to Collective Investment Trusts (“CITs”), with over $185 billion in CIT assets, across more than 700 funds. We proudly work with 75 subadvisors, including leading firms such as Alliance Bernstein, American Funds, BlackRock, Franklin Templeton, MetLife, Neuberger Berman, PGIM, PIMCO and Raymond James. 

CITs are more than just an investment vehicle. They represent a forward-thinking approach to retirement planning. These tax-exempt, pooled investment vehicles are offered to employer-sponsored retirement plans, like 401Ks. CITs are comparable to mutual funds, but, because they are tailored for the institutional retirement market, they can offer distinct advantages, including efficient administration and cost-effectiveness. CITs have a history dating back over 90 years; but they have gained favor over the past decade, driven by innovations, and Great Gray has been at the forefront.

Great Gray has consistently delivered year-over-year growth at an above market rate and is investing in the continued development of its core CIT business as well as complementary administrative services and technology solutions for the retirement market.

Madison Dearborn Partners (“MDP”) purchased Great Gray from Wilmington Trust in April 2023. As a result, Great Gray is an independent company owned by funds affiliated with MDP.

Investor Background 

MDP is a leading private equity investment firm based in Chicago. Since MDP's formation in 1992, the firm has raised aggregate capital of over $28 billion and has completed over 150 platform investments. MDP invests across five dedicated industry verticals, including basic industries; business and government software and services; financial and transaction services; health care; and telecom, media, and technology services.

Equal Employment Opportunity Policy

Great Gray, LLC is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, disability status or other non-merit factor.