Information Security Risk Manager
Company: Technology Consulting, Inc.
Location: Louisville
Posted on: November 15, 2024
|
|
Job Description:
TCI has an immediate need for an Information Security (IS) Risk
Manager in Louisville KY or Washington D.C. area. This not a C2C
opportunity. This is a 3-6 month contract opportunity with possible
extensions.
Applying for this role is straight forward Scroll down and click on
Apply to be considered for this position.
SUMMARY
The I.S. Risk Manager is tasked to protect information assets. This
role is a core function of the broader Information Security team
and is tasked with continually improving the security posture of
the company through providing security-related guidance, developing
and assessing compliance with security policies and standards,
executing the security risk management approach, and evangelizing
security matters throughout the company. The Information Security
Risk Manager will manage a program to identify, classify,
remediate, and mitigate security risks and vulnerabilities
throughout the company. Key duties to include: Continually seek to
improve the firm's security risk assessment methodology Perform
risk assessments of business processes, security controls, and
technology architecture based upon industry standard requirements
Mature the firm's IT and Security Risk Program while enhancing
underlying risk registers, security questionnaires and surveys to
aid in the effective execution of risk assessments Communicate and
mature security metrics Recommend security controls and/or
corrective actions for mitigating technical and business risks
Manage projects and enhance solutions that result from assessment
findings and recommendations Research, identify, and consult with
subject-matter experts to recommend risk mitigating solutions
Support the security awareness program to improve overall security
maturity across the firm Manage and maintain exceptions to the
firm's established policies, standards and industry norms Develop
trend reporting to identify areas of focus and risk concentration
Manage and enhance the firm's security policies
REQUIREMENTS 5+ years of experience across IT, Information
Security, Risk Management, and/or Program Management domains. 2 +
years of experience working for large scale enterprise (1,000+
employees). 2+ years of experience in risk management and security
governance. Solid working knowledge of established risk and
security control frameworks ISO 27001 and/or NIST. Ability to
communicate information about the vision and direction of our
information security program to firm leadership. Must be able to
communicate clearly and effectively with people from all levels.
Strong verbal and written communication skills, including the
ability to translate risk management concepts into business
language.
PREFERRED EXPERIENCE Information Security certifications preferred
(CISSP, CISA, CRISC, etc.)
Keywords: Technology Consulting, Inc., Fairfield , Information Security Risk Manager, Executive , Louisville, Ohio
Click
here to apply!
|