Kforce has a client in Miami, Florida (FL) that is in search of a Lead, IS Risk Assessment in the Information Security & Compliance team to supervise the evaluation and management of risk involving systems and applications.
The goal of our client's IS Risk Assessment program is to create and manage an automated, auditable, repeatable, and demonstrable program to manage information security risk to our client's information assets. This position assesses the risk of our client's applications and systems using structured interview processes, questionnaires, and review of security, compliance, and data protection documentation.
* Supervise the IS risk assessment program intake, assessment, remediation, and risk treatment processes
* Collaborate with client business sponsors, information technology (IT), and third parties (where applicable) to initiate, conduct, and complete risk assessments in a timely manner
* Analyze application and system controls, documentation, and settings to identify information security risks to the client
* Ensure potential information security and regulatory compliance risks (such as Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standard (PCI-DSS), etc.) associated with systems and applications are examined thoroughly, documented, communicated, treated, and monitored
* Communicate IS risk assessment requirements with business sponsors, IT, and third parties (where applicable) related to applications and systems and facilitate onboarding process
* Manage and assist in developing and onboarding IS risk assessment tools, templates, and associated processes to provide transparent reporting on activities and portfolio management
* Interact and collaborate with key personnel in various departments including, but not limited to, Procurement, IT, Legal, Crisis Management, Compliance and Ethics, Human Resources, Internal Audit, and Global Business Management
* Bachelor's in IT/IS, Computer Science, or related discipline is preferred; non-technical degrees with Computer Science fundamentals will be considered when combined with technology experience
* At least one Information Security certification, such as Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), etc., is required
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.