Information Security Risk Compliance Manager - In Person Interview

Overview

On Site
$DOE
Accepts corp to corp applications
Contract - W2
Contract - Independent
Contract - 12 month(s)

Skills

Excellent verbal and written communication skills. Ability to work both independently and as part of a team. Knowledge of Networking (Firewall, Networking Protocols). Working knowledge of Frameworks. Working knowledge of Information Security Domains. Working knowledge of Security protocols. Working knowledge of Cloud computing.

Job Details

Job Title: Information Security Risk Compliance Manager

Duration: 12 Months

Location: New York, NY

Key responsibilities:

  • Develop and implement risk management strategies and policies to mitigate identified risks.
  • Monitor and evaluate risk exposure across various departments and business units.
  • Coordinate with stakeholders to ensure compliance with regulatory requirements and industry standards.
  • Communicate risk management strategies and findings to senior management and relevant stakeholders.
  • Lead the development and maintenance of the organization's risk register and risk management framework.
  • Provide guidance and support to departments and teams in implementing risk mitigation measures.
  • Conduct training and awareness programs on risk management principles and practices.
  • Continuously monitor and review the effectiveness of risk management strategies and adjust as necessary.
  • Stay updated on emerging risks and industry trends to proactively address potential threats to the organization.
  • Maintain and enhance the company-wide security awareness program.
  • Take ownership of establishing and enforcing security standards both within the team and across the organization. Work proactively and collaboratively to achieve change management and buy-in.
  • Conduct risk assessments to identify potential threats and vulnerabilities to the organization.

Deliverables:

  • Compliance Management: Ensure compliance with relevant regulations, standards, and frameworks such as GDPR, HIPAA, ISO 27001, NIST, etc., by establishing and maintaining appropriate controls and processes.
  • Risk Mitigation: Develop and oversee risk mitigation strategies and controls to address identified security risks, including implementing technical controls, security best practices, and security awareness training programs.
  • Incident Response: Develop and implement incident response plans and procedures to effectively respond to and manage security incidents, including data breaches, cyberattacks, and security breaches.
  • Vendor Risk Management: Assess and manage risks associated with third-party vendors and service providers, including evaluating their security posture, conducting due diligence assessments, and ensuring contractual compliance.
  • Cross-functional collaboration: Collaborate with IT teams, legal, HR, compliance, and other departments to ensure a holistic approach to information security risk management and compliance.
  • Continual Improvement: Monitor industry trends, emerging threats, and regulatory changes to ensure that the organization's information security risk and compliance programs remain up-to-date and effective.

Required Skills:

  • Excellent verbal and written communication skills.
  • Ability to work both independently and as part of a team.
  • Knowledge of Networking (Firewall, Networking Protocols)
  • Working knowledge of Frameworks
  • Working knowledge of Information Security Domains
  • Working knowledge of Security protocols
  • Working knowledge of Cloud computing
