Information Security Risk Manager
DALLAS-75208, TX, US
07/04/2019
Required Skills
Company
Infinity Consulting Solutions, Inc
Experience
5 to 8 Year(s)
Job Description
INFORMATION SECURITY RISK MANAGER
DALLAS, TX
DIRECT HIRE: BASE + BONUS
ICS is looking for an Information Security Risk Manager for our Client in the Dallas/Fort Worth area!
In this role, the candidate will be responsible for managing Information Security risks across the organization.
The individual will perform risk assessments and enhance the continuous information security risk monitoring program.
We are seeking strong, individually motivated candidates with a proven track record of understanding security controls and working across an organization to implement and validate controls.
WHAT YOU’LL DO:
Manage the execution and coordination of the Information Security risk functions related to the execution of framework components and sustainment of risk governance across the organization
Perform Information Security Risk assessments across the organization to ensure information security risks are identified, assessed, quantified, appropriately mitigated and managed through the lifecycle of the product and/or service
Draft reports which include information security metrics (KRI/KPI), program status, Information Security risk profile(s), risk acceptances and other information in order to provide a holistic picture of Information Security Risk of the organization
Perform periodic/ad-hoc reviews/testing to determine if information security controls are operating effectively
Escalate issues to appropriate levels within organization
Stay current in technology specific to information security risk management techniques, industry best practices, and regulatory requirements, as well as specific areas of Information Security risk
Perform information security risk assessments of technology enabled projects; activities include vendor reviews, security requirement definition, and facilitation of security testing and management of residual risk
Advise and guide project teams regarding compensating control alternatives where security requirements cannot be met
Perform vendor security risk assessment activities that include evaluation of vendor controls and practices, process enhancements, performing on site assessments, reviewing security test reports, and analyzing and developing security requirements
Knowledge of regulations and standards including GLBA, FFIEC, PCI, NIST, privacy laws, COBIT and ISO
Monitor and report on new laws, regulations, industry standards and requirements that may affect the organization
SKILLS / EXPERIENCE YOU NEED:
Bachelor’s degree in engineering, computer science, or a related field with a minimum of 8 years of experience
5 years of engineering, software development experience or technical leadership of technology projects
5 years’ experience with process, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting sensitive data
Knowledge of red teaming processes to validate the effectiveness of mitigating controls
Experience conducting risk assessments or running compliance programs and the presentation of acceptable evidence
Extremely strong analytical and problem-solving skills
Ability to work with all levels within the organization
Relevant industry certification, such as CISSP, CISA, CISM, CRISC, etc., is desired
Risk Analyst
Information Technology
No Preference
FullTime Job
Other
1
Candidate Requirements
Bachelors
Recruiter Details
Doug Klares
1350 Broadway, Suite 2205,
NEW YORK-10018, NY,
US