Sr. Manager Risk Management
Job Title: Sr. Manager Risk Management
Job Location: United States, Remote
Job Description:
The Sr. Manager Risk Management serves a critical business development role within our division and the client more broadly. In this position, you will work collaboratively with security and software engineering staff to understand technical issues that emerge during our program work and will establish a technical risk evaluation methodology that categorizes and prioritizes risks. You will collaborate with application developers and infrastructure managers to map control exposures into a coherent and manageable set of risks that will form the basis of certain business decisions in the division. You will connect policy, control profiles, and assessment results into a consolidated risk profile for applications and systems across the organization. Key to this role is the technical aptitude, capacity, and operational ability to leverage a risk-based mindset to highlight risks and impacts. Also critical are proficient program management skills, the ability to influence without authority, to work in a quickly changing area, and be able to represent your work to partners and leadership.
Key Areas of Responsibility:
- Perform thorough, documented risk reviews of applications and platforms.
- Analyzing technical control gaps and developing common measures of security and privacy risk.
- Lead cross-organizational teams to ensure a shared understanding of the business and technical risks faced by the division.
- Lead programmatic change to improve the overall risk posture of our technology stack.
- Design, develop, and implement a process for technical risk management that aligns with other forms of risk management inside the enterprise.
- Build positive working relationships with stakeholders and leadership to be engaged as a trusted advisor
- Manage the development of tools to automate certain risk assessment functions, such as risk reporting, and speed time to value for the technical risk program
- Support exception management, risk mitigation & remediation inside constituent organizations.
Qualifications:
- B.S. degree or equivalent work experience in cyber security, information security/systems, security operations or another relevant field.
- 5+ years of combined technical risk management, technical risk consulting, and/or data protection work experience.
- Ability to assess risk using qualitative and quantitative methodologies.
- Understanding of software and tool security concepts, such as identity isolation, multi factor authentication, software vulnerability testing, and security configuration management is preferred.