Senior Information Security Manager – Enterprise Risk & Compliance Leadership at arenaflex (Remote, Full‑Time)

About arenaflex

arenaflex is a global leader in financial services, renowned for its innovative approach to digital transformation and commitment to delivering secure, reliable experiences to millions of customers worldwide. As the industry continues to evolve, arenaflex remains at the forefront of technology adoption, leveraging cutting‑edge solutions to drive growth while safeguarding critical assets. Our culture blends entrepreneurial spirit with rigorous governance, creating an environment where security professionals can thrive, influence strategy, and shape the future of risk management.

Why This Role Matters

The Information Security Manager position sits at the heart of arenaflex’s Governance, Risk, and Compliance (GRC) team. Reporting directly to the Chief Risk Officer (CRO), you will lead the second‑line technology risk function, providing independent oversight of cyber‑risk, data protection, and business continuity. In a world where cyber‑attacks are increasingly sophisticated, your insights will guide senior leadership, risk committees, and board members, ensuring that arenaflex’s risk posture remains resilient, compliant, and aligned with strategic objectives.

Key Responsibilities

• Independent Risk Oversight: Lead proactive risk identification, assessment, and mitigation for technology, information security, and business continuity across all lines of business.
• Data‑Driven Audits: Design and execute risk‑based audits focused on security controls, network protection, and operational resilience, delivering clear findings and actionable recommendations.
• Advanced Analytics: Conduct exploratory data analysis on large datasets using SQL, Python, and Apache Spark to uncover trends, anomalies, and emerging threats.
• Metrics & Reporting: Develop and maintain risk‑based key risk indicators (KRIs) and performance metrics that provide continuous insight into risk trends and control effectiveness.
• Program Development: Contribute to the design and enhancement of arenaflex’s enterprise risk management framework, integrating initiatives such as IT Risk Self‑Assessments, Business Continuity Planning, New Product Approval, and M&A risk integration.
• Stakeholder Collaboration: Partner with business owners, IT security teams, and compliance functions to ensure risk treatment plans are executed efficiently and align with regulatory expectations.
• Regulatory & Standards Alignment: Stay current with industry standards (e.g., ISO 27001, NIST RMF, COSO, COBIT) and regulatory guidance (e.g., OCC, FFIEC) to embed best practices into arenaflex’s risk processes.
• Thought Leadership: Mentor junior risk analysts, lead cross‑functional workshops, and champion a culture of risk awareness throughout the organization.

Essential Qualifications

• Minimum 5 years of experience in risk management across at least one of the three lines of defense, preferably within a large, regulated financial institution.
• Demonstrated ability to identify risks, analyze complex data sets, and derive actionable insights that influence senior‑level decision‑making.
• Strong knowledge of security frameworks, cloud security concepts, and digital incident response methodologies.
• Proficiency with data‑mining and big‑data analytics tools such as Microsoft Power BI, Tableau, SQL, SAS, Python, or R.
• Excellent analytical, problem‑solving, and critical‑thinking skills with a meticulous attention to detail.
• Outstanding written and verbal communication abilities, capable of presenting technical findings to both technical and non‑technical audiences.
• Self‑starter attitude with the capacity to work independently and thrive in a remote, fast‑paced environment.

Preferred Qualifications & Certifications

• Bachelor’s degree in Computer Science, Information Systems, Data Science, or a related discipline (advanced degree a plus).
• Professional certifications such as CISM, CISA, CRISC, CISSP, CCSK, CCSP, or CompTIA Cloud+.
• Hands‑on experience with risk assessment methodologies and frameworks (e.g., FAIR, NIST RMF, ISO 27001, COSO).
• Familiarity with regulatory guidance specific to the financial sector, including OCC Principles, FFIEC IT Handbooks, and other relevant standards.
• Experience supporting risk management for cloud environments (AWS, Azure, GCP) and modern data platforms.
• Exposure to governance tools such as Bowman or similar GRC platforms.

Core Skills & Competencies

• Technical Acumen: Ability to navigate complex IT architectures, understand network security controls, and evaluate emerging technologies.
• Data Analysis: Expertise in extracting, transforming, and visualizing data to drive risk‑based decisions.
• Strategic Thinking: Capacity to align risk initiatives with broader business objectives and communicate the business impact of security findings.
• Collaboration: Proven track record of building strong relationships across business units, IT, compliance, and executive leadership.
• Adaptability: Comfortable operating in a dynamic, continuously evolving threat landscape.
• Ethical Judgment: Commitment to maintaining confidentiality, integrity, and professionalism in all risk‑related activities.

Career Growth & Learning Opportunities

arenaflex invests heavily in the professional development of its employees. As an Information Security Manager, you will have access to:

• Leadership development programs designed to prepare you for senior executive roles within the GRC function.
• Continuous learning allowances for certifications, conferences, and advanced coursework.
• Mentorship from seasoned risk executives and exposure to global risk committees.
• Opportunities to lead high‑visibility projects, such as enterprise‑wide cloud migration risk assessments and large‑scale M&A integration reviews.
• A clear promotion pathway from manager to director, and eventually to C‑suite risk leadership positions.

Work Environment & Culture at arenaflex

Our remote‑first philosophy empowers you to work from anywhere while staying connected through collaborative tools, virtual team‑building events, and regular face‑to‑face meet‑ups at our global hubs. arenaflex fosters an inclusive culture where diverse perspectives are celebrated, and innovation is encouraged. You will be part of a high‑performing, supportive team that values transparency, continuous improvement, and a balanced approach to work and life.

Compensation, Perks & Benefits

arenaflex offers a competitive compensation package that reflects the expertise required for this role, including:

• Base salary aligned with market benchmarks for senior risk professionals.
• Performance‑based bonuses tied to risk mitigation outcomes and business impact.
• Comprehensive health, dental, and vision coverage.
• Retirement savings plans with company matching contributions.
• Generous paid time off, parental leave, and flexible work schedules.
• Professional development stipend, certification reimbursement, and access to a vast library of learning resources.
• Wellness programs, employee assistance services, and virtual fitness classes.
• Technology allowance for home office setup, high‑speed internet, and ergonomic equipment.

How to Apply

If you are ready to shape the future of risk management at a world‑class financial institution, we want to hear from you. Submit your resume, a concise cover letter highlighting your most relevant experience, and any supporting certifications through the link below. Join arenaflex and become a catalyst for secure, resilient growth.

Apply Now – Start Your Journey with arenaflex!