Security Risk Manager

What you’ll be doing...

Sets the data security parameters for critical business initiatives, including initiatives in new lines of business, new products and technologies, and services.
Provides security oversight, direction, guidance, and requirements to IT application leaders, business sponsors, and 3rd party business partners.
Collaborates with Legal advisors and IT Security Management to gain risk acceptance on data security matters. Obtains and understands functional and technical requirements on high risk business initiatives or IT work efforts involving internal software development, use of third party software, new technologies or any use of information assets.
Participates as a stakeholder representing Information Security in requirements gathering sessions, design sessions, and approach framework sessions. This generally occurs in the early to mid phases of the SDLC.
Identifies the information security risk factors based on data classification, design, and functional purpose and use.
Negotiates compensating controls that may be necessary due to inability to comply with the primary control requirements.
Ensures requirements and designs include approved strategic security technologies.
Completes and presents to IT management and business sponsors a risk assessment evaluation articulating risk and impact analysis when security controls cannot be met by an initiative.
Brokers meetings as needed between project team members and specialized security experts when additional details are required or circumstances are unique or private (under special NDA).
Conducts weekly meetings with management and specialized security experts to provide project updates and risk overviews.
What we’re looking for...

You'll need to have:

Bachelor's degree in Information Systems or related field; or four or more years of work experience.
Four or more years of relevant work experience.
3+ years of related experience in Information Security, Software Development/Technical Support.
Even better if you have:

A Degree.
5+ years IT or related experience.
Experience in an Information Security, Software Development/Technical Support related position.
IT or related experience.
One or more of the following professional certifications: CISA (Certified Information Security Auditor), CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Controls), GSEC (General Security Essentials Certification), or equivalent, or willingness to obtain within 6 months.
A thorough understanding of all stages of the SDLC process, from coding and code promotion through all levels of testing as well as management of multiple non-production environments.
A solid understanding of networking technologies and portals.
A base knowledge of databases and operating systems.
Knowledge of data security fundamentals and best practices with prior responsibilities of protecting information assets.
A demonstrated ability to coordinate and lead productive working sessions with resources from multiple application and technology teams across the enterprise.
Ability to effectively communicate with Legal department attorneys and other supporting business groups such as Compliance and Finance.
Excellent written and verbal communication skills. The ability to work effectively with multiple corporate cultures.
Familiarity with IT Governance practices and processes, and solid business acumen.
