Assistant Vice President, Info Security

Information Security Engineer

Reporting to the Director, Information Security, the Information Security Engineer supports Conning’s Information Security Program ("ISP") through the design, implementation, management, and maintenance of the Firm’s security infrastructure and supporting operational functions. The role is a blend of hands‑on technical engineering, conceptual design, application of security controls, proactive threat analysis, and cybersecurity incident response.

• Ownership and support of key security capabilities and vendor relationships
• Providing oversight of security assurance functions
• Performance and/or oversight of technical security assessments
• Leading, executing, and continuously improving cybersecurity incident response plans
• Directly manage and ensure successful delivery of cybersecurity projects and solutions to identified threats, vulnerabilities and risks
• Work collaboratively with IT and business stakeholders in providing security engineering support for non-security projects and initiatives
• Provide direction to and oversight of one ("1") or more team members
• Facilitate stakeholder working groups in support of operational security functions
• Manage the Firm’s portfolio of production security products and vendor relationships to ensure continued effectiveness
• Conduct technical security assessments of software and systems in support of internal and third‑party risk management processes
• Provide input into/assist in updating security control information in internal and third‑party risk and control assessments
• Facilitate engagements with external third parties in the performance of technical security testing (e.g., penetration testing)
• Create and maintain system and process security documentation
• Provide reports on project and operational performance to management as required
• Stay up to date on relevant cyber security threats, tools and techniques
• Position should be able to complete assigned tasks with minimal direction

• Bachelor’s Degree in Information Technology, Information Security or related concentration
• Knowledge of cybersecurity frameworks, best practices, standard concepts, and procedures
• 5 years’ experience in the implementation and management of security software, technology, and related programs
• Strong written and verbal communication skills
• Strong working knowledge of Microsoft applications and operating systems
• Experience and working knowledge of software configuration and vulnerability management, security infrastructure and engineering concepts, common security control frameworks (e.g., NIST, ISO, MITRE, etc.).
• Cloud security

• Security technologies including, but not limited to:
  Tenable, Cyber Ark, Varonis, Proofpoint, 'Microsoft cybersecurity solutions (Entra, Defender, Sentinel, Purview, etc.)', Crowd Strike, Sumo Logic, Cisco, Fortinet

Conning is an equal‑opportunity employer. Our company embraces the principles of inclusion; our employees can bring the best version of themselves to work every day. We thrive in an environment where everyone’s voice is heard, every idea counts, and the differences of our employees are valued. We provide reasonable accommodations to those who need them. If you are unable to complete this application due to a disability, contact us to ask for an accommodation or an alternative application process.

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class. Applicants must exhibit a strong commitment to meet compliance obligations reflecting Conning's core values of honesty and integrity;

must accept responsibility for compliance in each role and comply with all applicable rules, regulations, and legal requirements.