Fortress Investment Group

About the Company

Fortress Investment Group LLC is a leading, highly diversified global investment manager. Founded in 1998, Fortress manages $53 billion of assets under management as of June 30, 2025, on behalf of approximately 2,000 institutional clients and private investors worldwide across a range of credit and real estate, private equity and permanent capital investment strategies. AUM refers to assets Fortress manages, including capital that Fortress has the right to call from investors, or investors are otherwise required to contribute, pursuant to their capital commitments to various funds or managed accounts.

Listed Jobs

Company Name

Fortress Investment Group

Job Title

VP, Information Security Lead

Job Description

**Job Title** VP, Information Security Lead **Role Summary** Lead the design, execution, and remediation of a global cybersecurity framework for a diversified investment management firm. Combine regulatory expertise in DORA, GDPR, and CPRA with business resilience and application security to protect proprietary systems and the vendor ecosystem. **Expectations** - Achieve compliance with DORA, NIST, GDPR, and CPRA regulations. - Maintain high‑availability trading and investment operations through effective BIA, RTO/RPO planning, and disaster recovery. - Serve as senior escalation point for security incidents and support SOC performance. - Drive continuous improvement of security posture through technology projects and metrics dashboards. **Key Responsibilities** - Implement and maintain DORA controls and European operational resilience standards. - Lead GDPR and CPRA mapping, subject‑access requests, and privacy impact assessments. - Execute security vetting and periodic due‑diligence for new and existing vendors. - Conduct deep‑dive application risk assessments for proprietary and third‑party software. - Conduct Business Impact Analysis, define RTO/RPO, and design/test disaster recovery plans with infrastructure teams. - Manage security incidents: containment, eradication, post‑mortem. - Monitor SOC alerts, develop security metrics and risk dashboards for leadership. - Lead technology projects to enhance overall security posture. **Required Skills** - 7–12 years of progressive information security experience, ideally in financial services or alternative investment management. - Expertise in regulatory frameworks (DORA, GDPR, CPRA, NIST). - Application security risk assessment, BIA, RTO/RPO, and disaster recovery design. - Incident response, SOC management, and vendor risk management. - Strong analytical, problem‑solving, and communication skills. - Ability to work autonomously and collaboratively with cross‑functional teams. **Required Education & Certifications** - Bachelor’s degree in Computer Science, Cyber Security, Business Administration, or related field. - Certified Information Systems Security Professional (CISSP) OR Certified Information Security Manager (CISM) OR Certified Information Systems Auditor (CISA).

New york, United states

Hybrid

Senior

07-02-2026