ClientSolv Technologies Information Security Risk Management- Lead in Englewood, Colorado
The Information Security Risk Management Lead will function as a central Information Security subject matter expert supporting enterprise teams, including mentoring other Information Security GRC team members. They will work within the GRC team to mature the current risk management programs, such as risk assessment execution, control testing and monitoring, and procedure documentation. The Risk Lead will also provide cyber security advice to business partners to effectively manage risk to the business and will validate that security and technology controls are implemented to support business and security requirements.
Primary responsibilities of the Information Security Risk Management Lead include the following:
Partner with Business Units to identify, analyze and mitigate security risk, internal and third party, associated with activities executed throughout the enterprise.
Act as team lead across information security risk management activities including internal and third party risks.
Provide security consultation for new and ongoing enterprise initiatives.
Consult on defining security policies and best practices.
Educate and build awareness of security requirements across the organization.
Improve compliance with security standards and policies across enterprise teams.
Participate in testing and monitoring of security and privacy controls executed by enterprise teams.
Lead security enhancement projects focused on new or changing technologies.
Publish executive-level security reporting across governance, risk, and compliance activities.
Customer First Mentality
Process Documentation Management
Process Mapping Development
Communication w Executives
Can Interpret Regulations and Compliance Requirements
Cross-functional Team Leadership
Strategic Thinking and Planning (Team)
Brand & Team Ambassador
Solid Risk Management Foundation
Solid Information Security Foundation
Solid Security Control Framework Foundation
General Data Privacy Foundation
Can Teach/Educate Risk & InfoSec Principles
Can Consult Business on Risk and InfoSec Principles
Education and Experience:
Bachelors Degree (or equivalent experience) and at least 5-8 years of directly related experience. Must have a solid understanding of SOX, PCI, CPNI, CCPA, FACTA and similar IT Compliance and Privacy regulations.
Strong understanding of risk mitigation methodologies and regulatory requirements pertaining to information security, privacy, and/or data security.
CTH will convert into full time .