Position Summary

The Deputy Chief Information Security Officer (Deputy CISO) will report to the Head of Security Driven Infrastructure to manage the day-to-day operations of the Information Security team at TCW. The individual in this position will work with the CISO to successfully develop, implement, and maintain the functions of the Information Security Program, and serve as a member of the incident response team. Ideal candidate must have deep knowledge in essential security practices and experience managing and developing teams. This is a hands-on role where monitoring security controls and developing and improving security strategies will be some of the key responsibilities of this position. Ability to communicate effectively across the business and technology at all levels in the organization is required.

Essential Duties

• Manage and lead the cybersecurity function of the firm and be responsible for:
  • Security policy development and maintenance
  • Selection and implementation of appropriate technology solutions
  • Day to day operation and monitoring of security controls
  • Design and implement a robust application security program
  • Improve and develop new process designs and technology platform strategies
  • Alignment to NIST CSF 2.0
  • Partner with stakeholders when onboarding solutions to ensure adequate controls are available and enabled
  • Direct/conduct ongoing risk assessments; drive remediation and reporting of vulnerabilities
  • Manage relationships with internal and external partners and stakeholders
  • Serve as the Incident Commander responsible for leading and coordinating the response to all incidents where appropriate
• Develop training plans and mentorship opportunities to promote internal capabilities
• Monitor threat landscape for emerging threats and advise stakeholders on appropriate courses of action
• Assess and manage cybersecurity risk and maintain compliance with applicable regulatory requirements
• Implement a continuous monitoring strategy to identify and respond to changes to the company's risk posture and communicate to control owners
• Collaborate with peer organizations to share best practices with an eye on further strengthening and evolving the firm's information security program
• Grow and evolve the cloud security program to incorporate industry leading best practices across multiple environments
• Influence the adoption of secure design patterns with a mission to embed security into the fabric of the company through an agile software development process.
• Engage with regulators and investors to understand the company's security program, and assist with due diligence responses
• Adopt a security advisory mindset, providing subject matter expertise to the firm's internal stakeholders; advise and execute on the Company's security strategy
• Lead data protection initiatives to ensure the confidentiality, integrity, and availability of company and customer information

Required Qualifications

• Bachelor’s Degree in Computer Science or a related field
• 10 years of experience in the information security industry, with at least 4 years in a senior leadership role directly supervising staff
• Advanced knowledge of essential security practices, such as vulnerability and patch management, incident response, and endpoint protection
• Familiarity with industry frameworks such as NIST CSF, ISO 27001, SOC 2 Type II, etc.
• Strong technical foundation, including security architecture, threat modeling, vulnerability assessments, and cloud security

Professional Skills Qualifications

• Strong communication skills: This role must communicate with various stakeholders including business leaders, clients, team members, engineers, regulators, and legal counsel
• Strategic problem-solving and decision-making abilities
• Strong leadership and interpersonal skills

Desired Qualifications

• Experience working in the financial services industry

Estimated Compensation:

Base Salary: For CA & NY based positions, the base salary range is $225k to $265k. This is an anticipated range only.

Other Compensation: Eligible to be considered for an annual discretionary bonus

Benefits: Eligible for TCW’s comprehensive benefits package. See more information here.

#LI-DG1