CISSP Jobs - Program Manager III, 12845

at Yoh
Location Overland Park, KS
Date Posted January 11, 2019
Category Default
Job Type Full-time


Program Manager III

Overland Park, KS


  • Plan, execute, review and lead information technology compliance and governance initiatives, primarily in the areas of National Security Agreement, NY Department of Financial Services part 500, and the California Privacy Act.
  • Develop and implement a governance and control framework to monitor IT production environments for potential system integrity exposure and control weaknesses. Identify various risks (e.g., financial, operational, compliance) to the organization and make recommendations for corrective actions/mitigation of risks.
  • Evaluate complex information systems and controls, report findings to management, and communicate recommendations for corrective actions.
  • Assist in the development of a new compliance and governance program specific to compliance with NY DFS part 500 and CA Privacy law. Requires clear, concise written and verbal communication skills with technical teams, non-technical teams, and translation between both.
  • The individual will work with process owners at all levels to develop solutions to close issues related to non-conformance findings. Demonstrated expertise in relevant areas which include, but are not limited to, Network Security, Network Administration, System Administration, Application Security and Consultancy, System Integration, Auditing, or any special skills.
  • This individual will assist in the creation of a NY DFS vendor risk assessment and validation capability and define CA privacy compliance and audit project requirement and validation methods.


  • CISSP, CIPP and/or CISA.
  • This individual should be familiar with governance and risk management programs. Able to work with various stakeholder to define and document control and testing methodologies. Preferred: One or more of the following certifications: CISSP, CIPP and/or CISA.
  • Previous background in IT Security, architecture, data, development, database technologies, data loss prevention vendor risk management or development.