Manager Cybersecurity Governance and Risk
Manager Cybersecurity Governance and Risk
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Job Title: Manager Cybersecurity Governance and Risk
Primary Location: Chicago Atlanta NY or DC
Position Type: Direct Hire
Compensation Information
The expected salary range for this position is 150k185k per year depending on experience and qualifications. This role also qualifies for comprehensive benefits such as health insurance company matched 401(k) and paid time off. We are committed to pay transparency and equal opportunity. The salary range provided is in compliance with applicable state and federal regulations.
Overview
Manager Cybersecurity Governance and Risk. This is a Direct Hire role in Chicago Atlanta NY or DC (Remote). The Manager Cybersecurity Governance and Risk leads IT risk management initiatives to increase transparency of risk impacts to the Firm manages the Cyber risk register issues log facilitates the Risk Operating Committee and supports the Governance and Risk team in identifying and implementing industry standards (e.g. NIST ISO and COBIT) in accordance with applicable regulatory or client guidelines.
The role will contribute to evolving ITRMs oversight reporting governance communications and education efforts from an Information Security perspective. The Manager will also assist in developing methodologies policies processes and tools to support InfoSec and Governance and Risk initiatives.
What You Bring to the Role. (Ideal Experience)
- Bachelor degree in Information Security Information Assurance Computer Science Information Systems or other related field (two years of additional experience may be substituted for two years of college credits);
- At least 7 years of combined information technology information security and risk management experience.
- CISA CISM GSEC CISSP CRISC or other securityrelated certification preferred.
- Advanced understanding of risk management concepts frameworks and methodologies.
- Strong understanding of information security concepts and technologies.
- Background in consulting preferred.
- Fundamental knowledge of the operation of law practices; and
- Advanced knowledge of MS Outlook Word Excel Visio and PowerPoint.
- Strong project management skills and understanding of the technology and operational risks related to technology solutions.
- Advanced awareness of current information security standards and developments (CSF NIST ISO) the COSO framework as well as the emerging cyber threat landscape.
- Strong understanding of Operational Risk from a Technology perspective.
- Excellent analytical and problemsolving skills inquisitive nature and comfort challenging current practices.
- Understanding of governance risk and compliance (GRC) practices and technologies across governance process and technical domains.
- Third party assessment experience including the evaluation of SOC2 Type 2 SIG Pen Test etc. reports.
- Ability to develop and maintain a solid working relationships across the departments; and
- Highlevel technical understanding of security applications platforms and architectures.
What Youll Do. (Skills Used in this Position)
- Assist with the development implementation and management of the governance and risk strategic plan and roadmap including evolving the reporting structure and frequency to InfoSec stakeholders.
- In conjunction with the Controls and TPRM Managers evolve develop and manage the development maintenance and evaluation of organizational InfoSec governance and risk procedures processes and guidelines in accordance with Firm and Client requirements.
- Serve as a key contributor in identifying managing and communicating governance and risk across InfoSec policy domains providing expertise to prioritize and manage risk while facilitating the adoption in conjunction with the Controls Manager of IT Risk policies standards and guidelines across the enterprise.
- Manage the Cyber risk and issue registers and remediations including supporting monthly ROC meetings (e.g. agenda data calls etc.) tracking and aggregating the risk registers and performing risk(s) to policy domain to control(s) mapping to provide prioritization and transparency into control and policy domains requiring remediation.
- Works with the Controls Manager and other stakeholders to identify validate and document deficiencies in ITRM governance processes and risk management practices propose remediations and enforce cross functional POAM initiatives and status reporting requirements in accordance with prioritization requirements.
- Assist InfoSecs TPRM and Client InfoSec Assessments including assessment activities (completion and quality control reviews) developing or revising control narratives and supports reporting efforts to InfoSec leadership and stakeholders.
- Evolve risk methodologies as well as conduct and support risk assessments to support InfoSec the identification of risk across policy domains identify opportunities for control enhancement and risk mitigation.
- Facilitate the definition and maintenance of InfoSec governance and risk measures and metrics.
If applying for this role Please take each key point and provide number of years experience and what you would rate yourself 1 thru 10 (10 being expert) for each key point. Send your resume and notes on the role to expediate our recruiting services.
Employment Type
Full Time
