We are looking for a Security Risk and Compliance Manager. This is an eighteen (18) month contract position in Raleigh, North Carolina with our client and can be remote. In this role you are responsible for building a risk management program, performing risk assessments of processes, third parties, and IT systems, and proposing actions to address those risks. Sorry, no visa consideration for this position.
Responsibilities for a Security Risk and Compliance Manager:
- Build a risk management program.
- Develop, implement, and maintain compliance policies and procedures in accordance with relevant laws and regulations.
- Conduct regular audits and assessments to ensure compliance.
- Spearhead the implementation of a lightweight governance and policy framework.
- Coordinate with firm personnel to facilitate cyber risk analysis and risk management processes and identify acceptable risk based on information classification and needed protection.
- Provide support for compliance with ISO certification, including collection and organization of artifacts with Information Technology Teams.
- Work across various business areas to evaluate whether security risks to the company are identified and minimized and acceptable internal controls and procedures are followed.
- Ensure that user access to information assets is provisioned, managed, and terminated as required.
- Maintain documentation of security standards, procedures, processes, and guidelines.
- Coordinate the writing, review, and finalization of company policies, standards, procedures, and guidelines.
- Collaborate with technical teams (e.g., HR, IT, Applications, and Desktop Support) during the strategic planning and implementation of new business initiatives.
Required Skills and Qualifications as a Security Risk and Compliance Manager:
- Good technical understanding of IT and Cybersecurity.
- Great understanding of Cybersecurity Risks.
- Experience with real Cyber risk.
- Understanding of NIST CSF and CIS18.
- Experience in Process Management, Project Management, Security Risk and Compliance, Reporting, and Data Analysis.
- Experience communicating conceptual and technical information.
- Experience translating technical data into business impact information.
- Polymath: Skilled in various areas relevant for this role and eager to independently build new skills beneficial for the role.
- Makes the team’s mission a priority and does what’s necessary to help with the team mission. The main driver is to see the team succeed, not personal praise or recognition.
- People Smart: Possesses good social skills and can easily work with colleagues from different backgrounds.