Job Overview

Position Schedule: Full-Time

In 2022, Edward Jones invested $ 1 billion in technology infrastructure, digital initiatives, and virtual business enablement tools. We're currently in the test-and-learn phase and are looking for talented, motivated professionals, that want to be part of this transformational journey. Cloud-based architecture and modern technical capabilities will enable us to grow our impact while providing the best client experience possible.

You may be surprised to know that Edward Jones employs hundreds of software developers - all focused on creating world-class experiences for our clients and branch offices. If you've considered Edward Jones in the past, it's time to take another look. We are embracing a modern, cloud-based architecture and are looking for exceptional individuals who want to be a part of that future.
The Cyber Risk Management area is seeking a highly experienced and dynamic leader to head our Cyber Governance, Risk, and Compliance (GRC) department. We are responsible for managing all 1st line of defense cyber risk functions at the Firm, such as: Policy Governance, Risk Assessment, Third Party Cyber Risk Management, Controls Assessments, etc.
Are you a strong Technology Risk Leader who is willing to lead the maturity and growth of a Cyber Governance, Risk & Compliance program?

This role will manage the teams responsible for the development and implementation of comprehensive cybersecurity governance, risk management, and compliance strategies. The successful candidate will be a strategic thinker, with a deep understanding of cybersecurity best practices, regulatory requirements, and risk management methodologies. They will be responsible for leading and mentoring a team of leaders, ensuring that the organization's cybersecurity posture is robust, compliant, and aligned with business objectives.
What You'll Do:

• Modernize and execute the overall cybersecurity governance, risk, and compliance strategy.
• Align the GRC program with business goals and regulatory requirements.
• Provide strategic direction and leadership to the GRC team, fostering a culture of excellence and continuous improvement.
• Develop and maintain Key Performance Indicators (KPIs) to measure progress of in-flight initiatives.
• Mature and maintain cybersecurity policies, standards, and procedures.
• Re-define and maintain policy / standard variance and risk acceptance processes, procedures, and reporting methodologies to align with industry best practice.
• Ensure the organization's cybersecurity framework is aligned with industry standards and regulatory requirements (e.g., NIST CSF).
• Oversee the implementation of governance processes and ensure effective monitoring and reporting.
• Formalize and manage a comprehensive risk management program.
• Identify, assess, and prioritize cybersecurity risks and vulnerabilities.
• Implement risk mitigation strategies and monitor the effectiveness of risk management activities.
• Develop and maintain Key Risk Indicators (KRIs) to help quantify risk in the environment.
• Maintain risk logging mechanisms for tracking known risks and associated remediation activities.
• Ensure compliance with all relevant regulatory requirements and standards (e.g., FINRA, SEC, OCC, NYDFS, etc.)
• Support both internal and external audits related to cybersecurity.
• Mature existing compliance monitoring and reporting framework.
• Lead, mentor, and develop a high-performing team of GRC professionals.
• Foster a collaborative and inclusive team environment.
• Identify and address skills gaps and training needs within the team.
• Collaborate with other departments and stakeholders to ensure cybersecurity risks are managed across the organization.
• Communicate effectively with senior management on cybersecurity matters.
• Participate in a variety of risk-related working groups with Enterprise Risk Management (ERM), Internal Audit, and other first line risk teams.

Maintain effective risk reporting mechanisms for senior leadership to maintain awareness and foster effective risk-based decision making

At Edward Jones, we value and respect our associates and their contributions, and we recognize individual efforts through a rewards program that promotes a long-term career, financial security and well-being. Visit our career site to learn more about our total compensation approach, which in addition to base salary, typically includes benefits, bonuses and profit sharing. The salary range for this role is based on national data and actual pay is based on skills, experience, education, and other relevant factors for a potential new associate:

Hiring Minimum: $136571
Hiring Maximum: $232541

Skills/Requirements

What Do You Need

• Bachelor's degree in Computer Science, Information Security, Risk Management, or a related field.
• 10+ years of experience in Technology Risk, with a focus on governance, risk management, and compliance.
• Proven experience leading and managing teams of Technology Risk professionals.
• In-depth knowledge of technology risk frameworks, standards, and regulations for Financial Services.
• Strong understanding of risk management methodologies and best practices.
• Excellent leadership, communication, and interpersonal skills.

What Could Set You Apart:

• Experience managing Cybersecurity Risk
• Experience at a large Financial Services organization
• Relevant certifications such as CISSP, CISM, CISA, or CRISC are highly desirable.

Candidates that live within in a commutable distance from our Tempe, AZ and St. Louis, MO home office locations are expected to work in the office three days per week, with a preference for Tuesday through Thursday.**

Awards & Accolades

At Edward Jones, we are building a place where everyone feels like they belong. We're proud of our associates' contributions to the firm and the recognitions we have received.

Check out our U.S. awards and accolades: Insights & Information Blog Postings about Edward Jones

Check out our Canadian awards and accolades: Insights & Information Blog Postings about Edward Jones

About Us

Join a financial services firm where your contributions are valued. Edward Jones is a Fortune 500¹ company where people come first. With over 8 million clients and 19,000 financial advisors across the U.S. and Canada, we're proud to be privately-owned, placing the focus on our clients rather than shareholder returns.

Behind everything we do is our purpose: We partner for positive impact to improve the lives of our clients and colleagues, and together, better our communities and society. We are an innovative, flexible, and inclusive organization that attracts, develops, and inspires performance excellence and a sense of belonging.

People are at the center of our partnership. Edward Jones associates are seen, heard, respected, and supported. This is what we believe makes us the best place to start or build your career.

View our Purpose, Inclusion and Citizenship Report.

1Fortune 500, published June 2023, data as of December 2022. Compensation provided for using, not obtaining, the rating.

Edward Jones does not discriminate on the basis of race, color, gender, religion, national origin, age, disability, sexual orientation, pregnancy, veteran status, genetic information or any other basis prohibited by applicable law.

#LI-HO