Cybersecurity Governance Manager

We are seeking a Manager of Cybersecurity Governance to join our dynamic team reporting to the Director of Cybersecurity Governance and Risk. This role will lead the development of a comprehensive technology and cybersecurity governance framework tailored to our on-premise and cloud environments. This role is critical in ensuring that our company's technology and cybersecurity practices are compliant with regulatory requirements and industry standards, while also effectively identifying risks. Members of the Cybersecurity Governance team are motivated, detail-oriented, and thrive in a collaborative environment where they will add value to key business partners. This position will require you to be adaptive, willing to drive change and innovation, and work in a fast-paced environment requiring collaboration and the ability to organize and prioritize assignments.

Responsibilities:

Establish and maintain a security governance framework based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework to ensure effective oversight and accountability. Oversee the technology and cybersecurity policy program, which includes policy and control drafting, facilitating cross-functional input, and enforcement of policies, procedures, and controls. Maintain the company's technology and cybersecurity risk and controls matrix in alignment with multiple frameworks, including

SOC2, CIS, PCI, NIST CSF, NIST

800-53, and NYDFS Part 500. Lead the annual enterprise technology and cybersecurity risk assessment. Establish an automated technology and cyber governance risk and compliance (GRC) program to continuously monitor and report on technology and cyber risk and control effectiveness. Lead the company's annual NYDFS Part 500 Cybersecurity self-assessment. Oversee and facilitate the annual SOC2 audit and any exams and assessments focused on technology and cybersecurity controls from state examiners, regulators, and OneMain partners. Educate, influence and provide clear directives for technology projects, either directly or through committees, to ensure the consistent application of policies, standards and controls across all technology projects, systems and services. Partner and coordinate with the enterprise risk management team, internal audit, and other functions within the cyber risk team to ensure appropriate oversight and management of cyber risks and controls in-line with OneMain's enterprise risk management framework. Partner with cybersecurity architects, engineers, and technology operations teams to ensure governance programs for access privileges, applications, cloud environments, asset management, artificial intelligence, and other technology functions are implemented and maintained according to cybersecurity standards and guidelines. Lead a metrics and reporting program to measure the efficiency and effectiveness of the cybersecurity program for senior management providing insights, trends and recommendations.

Qualifications:

Bachelor's Degree with a focus in Cybersecurity, Information Technology disciplines or equivalent experience. Minimum of 5 - 7 years of experience in planning, designing, implementing and managing technology and cybersecurity governance and controls framework in the financial industry or other regulated industry. Minimum 3 - 5 years in a leadership role with a strong ability to influence peers, leaders and team members at all levels and across functional lines. In-depth knowledge of cybersecurity frameworks, such as NIST, SOC2, and CIS. In-depth knowledge of cybersecurity laws and regulations, industry standards and best practices including

GLBA 501

(b), NYDFS and PCI. Excellent verbal and written communication and presentation skills with the ability to prepare and deliver complex data in a way that is concise/understandable. Strong organizational and program management skills. Ability to effectively respond to shifting priorities and assignments. Sound analytical, problem solving and research skills. Proficient in computer skills in Microsoft Office suite - Word, Excel, and PowerPoint. Familiarity with GRC, metrics, and reporting tools like Archer, Anecdotes, Power BI, or equivalent software a plus. Self-motivation with proven ability to be adaptable to a dynamic, fast-paced work environment with multiple priorities and strict timelines. OneMain Holdings, Inc. is an Equal Employment Opportunity (EEO) employer. Qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship status, color, creed, culture, disability, ethnicity, gender, gender identity or expression, genetic information or history, marital status, military status, national origin, nationality, pregnancy, race, religion, sex, sexual orientation, socioeconomic status, transgender or on any other basis protected by law. OneMain Financial (

NYSE:

OMF) is the leader in offering nonprime customers responsible access to credit and is dedicated to improving the financial well-being of hardworking Americans. Since 1912, we've looked beyond credit scores to help people get the money they need today and reach their goals for tomorrow. Our growing suite of personal loans, credit cards and other products help people borrow better and work toward a brighter future. In our more than 1300 community branches and across the U.S., team members help millions of customers solve critical financial needs, including debt consolidation, home and auto repairs, medical procedures and extending household budgets. We meet customers where they want to be - in person, by phone and online. At every level, we're committed to an inclusive culture, career development and impacting the communities where we live and work. Getting people to a better place has made us a better company for over a century. There's never been a better time to shine with OneMain.