Job Details

Information Security Risk Manager

DALLAS-75208, TX, US
07/04/2019


Required Skills

CISSP

Company

Infinity Consulting Solutions, Inc

Experience

5 to 8 Year(s)

Job Description

INFORMATION SECURITY RISK MANAGER

DALLAS, TX

DIRECT HIRE: BASE + BONUS

ICS is looking for an Information Security Risk Manager for our Client in the Dallas/Fort Worth area!

In this role, the candidate will be responsible for managing Information Security risks across the organization.

The individual will perform risk assessments and enhance the continuous information security risk monitoring program.

We are seeking strong, individually motivated candidates with a proven track record of understanding security controls and working across an organization to implement and validate controls.

WHAT YOU’LL DO:

Manage the execution and coordination of the Information Security risk functions related to the execution of framework components and sustainment of risk governance across the organization

Perform Information Security Risk assessments across the organization to ensure information security risks are identified, assessed, quantified, appropriately mitigated and managed through the lifecycle of the product and/or service

Draft reports that include information security metrics (KRI/KPI), program status, Information Security risk profile(s), risk acceptances and other information in order to provide a holistic picture of the Information Security risk of the organization

Perform periodic/ad-hoc reviews/testing to determine if information security controls are operating effectively

Escalate issues to appropriate levels within the organization

Stay current in technology specific to information security risk management techniques, industry best practices, and regulatory requirements, as well as specific areas of Information Security risk

Perform information security risk assessments of technology-enabled projects; activities include vendor reviews, security requirement definition, facilitation of security testing, and management of residual risk

Advise and guide project teams regarding compensating control alternatives where security requirements cannot be met

Perform vendor security risk assessment activities that include evaluation of vendor controls and practices, process enhancements, performing on-site assessments, reviewing security test reports, and analyzing and developing security requirements

Knowledge of regulations and standards including GLBA, FFIEC, PCI, NIST, privacy laws, COBIT and ISO

Monitor and report on new laws, regulations, industry standards and requirements that may affect the organization

SKILLS / EXPERIENCE YOU NEED:

Bachelor’s degree in engineering, computer science, or a related field with a minimum of 8 years of experience

5 years of engineering, software development experience or technical leadership of technology projects

5 years’ experience with process, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting sensitive data

Knowledge of red teaming processes to validate the effectiveness of mitigating controls

Experience conducting risk assessments or running compliance programs and the presentation of acceptable evidence

Extremely strong analytical and problem-solving skills

Ability to work with all levels within the organization

Relevant industry certification, such as CISSP, CISA, CISM, CRISC, etc., is desired



Risk Analyst
Information Technology

No Preference
Full-Time Job
Other
1

Candidate Requirements
Bachelors

Recruiter Details
Doug Klares
1350 Broadway, Suite 2205, NEW YORK-10018, NY, US