Information Security Policy Manager

Interactive Brokers Group, Inc. (Nasdaq: IBKR) is a global financial services company headquartered in Greenwich, CT, USA, with offices in over 15 countries. We have been at the forefront of financial innovation for over four decades, known for our cutting‑edge technology and client commitment.

IBKR affiliates provide global electronic brokerage services around the clock on stocks, options, futures, currencies, bonds, and funds to clients in over 200 countries and territories. We serve individual investors and institutions, including financial advisors, hedge funds, and introducing brokers. Our advanced technology, competitive pricing, and global market help our clients to make the most of their investments.

Barron's has recognized Interactive Brokers as the #1 online broker for six consecutive years. Join our dynamic, multi‑national team and be a part of a company that simplifies and enhances financial opportunities using state‑of‑the‑art technology.

This is Hybrid role (4 days in office /1 day remote)

About your Team

The Information Security Policy Manager develops, maintains, and communicates IBKR's information security policies aligned to regulatory requirements, industry best practices, and IBKR’s control environment and risk appetite. This role is responsible for IBKR’s formal information security policy library, ensuring IBKR’s security program is supported by well‑considered policy mandates.

Responsibilities

• Maintain and extend IBKR’s information security policy library to align with regulatory requirements, business risk appetite, industry-accepted risk frameworks, and IBKR’s control environment.
• Coordinate and drive the development, review, and update of information security policies and standards based on identified need and defined maintenance intervals.
• Map IBKR’s security policies to, and analyze gaps against, applicable risk and regulatory frameworks and laws, such as DORA, FFIEC, NIST CSF.
• Support security‑related external assessments, audits, and regulatory examinations by providing evidence of compliance.
• Partner with the Information Security Controls Manager to ensure policies are supported by appropriate controls and testing procedures.
• Evaluate security controls, identify opportunities for improvement, and communicate constructive recommendations.
• Other duties, as assigned.

Required Skills

• 7+ years of experience in information/cyber security experience, including 3+ years developing and managing information security policies in a regulated industry (preferably financial services) and 3+ years hands‑on, technical cybersecurity roles.
• Fluent understanding of regulatory requirements affecting cybersecurity, including DORA, SEC, FFIEC, and common regulations issued in Europe (EBA) and APAC (SFC, MAS).
• Working familiarity with common security frameworks, including NIST CSF and ISO 27001/27002.
• Prior experience as owner of policies or technical standards documentation.
• Experience as lead responder to regulatory examinations, audit requests, and client due diligence questionnaires related to policy and compliance.
• Proven ability to write clear, actionable policies addressing complex regulatory and technical requirements, grounded in industry accepted practices and risk management concepts, and based on existing controls and technology environments.
• Experience working with GRC (Governance, Risk, and Compliance) tooling a plus.
• Experience building cross‑functional consensus as an individual contributor.
• Bachelor’s degree in Information Security, Computer Science, Information Technology or a related field, or equivalent experience.

Success Criteria

• Strong critical thinking, analytical, organizational, time management, and writing and editing skills – all with attention to detail.
• Track record of building bridges with technology practitioners and translating complex technical concepts into simple, accessible language for business audiences.
• A self‑motivated, open, collaborative, client‑centric, consensus‑building problem‑solving mentality.
• Ability to exercise good judgment when solving problems with incomplete information.

Company Benefits & Perks

• Competitive salary, annual performance‑based bonus and stock grant.
• Retirement plan 401(k) with competitive company match.
• Excellent health and wellness benefits, including medical, dental, and vision benefits. Company paid medical healthcare premium.
• Wellness screenings and assessments, health coaches and counseling services through an Employee Assistance Program (EAP).
• Daily company lunch allowance provided and a fully stocked kitchen with healthy options for breakfast and snack.
• Corporate events including team outings, dinners, volunteer activities and company sports teams.
• Education reimbursement and learning opportunities.

Privacy Disclosure

Interactive Brokers (“IBKR”) is committed to protecting the privacy of its users. 1. Aggregate Information about Visitors. We collect information on a general and aggregate basis, such as IP addresses, in order to analyze the performance of our sites. This data is used completely anonymously in order to determine the number of people who visit our sites and the most frequently used sections of our sites.

This enables us to continually update and refine our sites to ensure it provides you with a successful experience. 2. Information about Users. When registering you are requested to enter certain information about yourself. This information forms the basis for any job application. 3.

Your online resume and job application. The details of your job application, covering letter, resume and academic results and any other information will not be viewed by anyone except IBKR and any third party service providers used by IBKR for its hiring processes. 4. Information Management. You can edit any information entered at any time before your job application is submitted. This includes contact details, email address, job application information and password.

However, once a job application has been sent, that specific job application cannot be altered. You have certain rights to see and correct data held about you. Please refer to the IBKR Group Privacy Policy on our website. 5.

Security. The security of our system is very important to us and we work hard on it. However, please note that no data transmission over the Internet is 100% secure.

Equal Employment Opportunity

As set forth in Interactive Brokers’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.