Risk & Security Manager Job Description

A risk & security manager provides information security guidance to project managers and IT experts, in line with OMV's Information Security standards, industry standards and best practices.

Risk & Security Manager Duties & Responsibilities

To write an effective risk & security manager job description, begin by listing detailed duties, responsibilities and expectations. We have included risk & security manager job description templates that you can modify and use.

Sample responsibilities for this position include:

Supports implementation of an overall control framework (comprehensive control set) in IT COBIT
Provide Security and IT Risk counsel to GTI
Make recommendations related to risk exposures, trends, and related best practices in the area of IT Risk and Security
Lead and manage internal and external resources performing third party risk assessments; coordinate with internal assurance functions
Review third party policies related to Information Security, comparison and gap analysis to internal security policies and requirements
Manage and maintain an effective third party risk management program across multiple business units
Collaborate, develop and support the systems and tools to manage third party risk
Keep current on changes in federal and state laws and regulations impacting the area of responsibility and ensure that applicable changes in policies and procedures are updated and communicated in a timely manner
Conduct training and awareness campaign on third party risk management program to employees, contractors, and third parties
Prepare and present regular reports as required, including the management of all meaningful statistics relating to third party risk management
Develop and coordinate the implementation of periodic risk assessments of networked assets that identify vulnerabilities

Risk & Security Manager Qualifications

Qualifications for a job description may include education, certification, and experience.

Licensing or Certifications for Risk & Security Manager

List any licenses or certifications required by the position: CISSP, CISM, CISA, CRISC, PMP, GSEC, DSS, PCI, ISO, CFE

Education for Risk & Security Manager

Typically a job would require a certain level of education.

Employers hiring for the risk & security manager job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Information Security, Information Systems, Management, Engineering, Education, Information Technology, Business, Technology, Information Assurance

Skills for Risk & Security Manager

Desired skills for risk & security manager include:

Criminal and civil subpoenas and the appropriate disposition of each
Investigative methodology and case management experience
Managing investigations
Testifying
Auditing and risk management
Business continuity planning
IT security and privacy standards
Practices
Technologies
Information security fundamentals

Desired experience for risk & security manager includes:

Knowledge of security issues, techniques and implications across UNIX, LAMP stack, LINUX and Windows environments
Relevant graduate degree (computer science, management of information security)
Network architectures, network traffic analysis
Comprehensive understanding of operating system environments including Windows, UNIX / Linux, mainframe environments
Point-of-Sale security systems
Ethical hacking / Penetration testing

Risk & Security Manager Examples

1

Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of risk & security manager. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for risk & security manager
  • Identify key findings related to suppliers' and suppliers' subcontractors' compliance with the contractual obligations under the HIPAA Privacy and Security Rule, including recent amendments from the Omnibus Rule
  • Supporting the engagement director or partner
  • Building and maintaining client relationships to support and lead the sales process
  • Managing the engagement lifecycle
  • Identify and develop potential new product lines or service opportunities
  • Partner with the UK ISRM Intent Lead to aid accurate definition of intent, delivery approach and milestones that meet local requirements and Enterprise needs/goals
  • Initiate, plan, execute, and close on various existing security projects by working closely with various sub-teams within ISRM
  • Work with each security focus area to identify long term vision and high level strategy, break this down into prioritized projects, figure out resource allocation, and help ensure continuous progress
  • Direct or indirect support to intelligence, investigations, travel security, health, safety and security compliance programs
  • Providing strategic guidance to the Director of Corporate Security and Business Continuity and developing detailed work plans for the completion of tasks and programs
Qualifications for risk & security manager
  • Ability to ensure appropriate availability and reliability of GRC components (e.g., software, infrastructure and services) through day-to-day support and operations
  • Prior agency experience strongly preferred
  • A Bachelor's degree; relevant certifications (e.g., CISA, CRISC, CISSP, and/or CISM)
  • 1-3 years of related experience in third party risk or contract management
  • Strong follow-up, attention to detail, and organizational skills and the ability to manage priorities effectively
  • Strong organizational, project management and multi-tasking skills with a successful track record of managing expectations, delivering results, and meeting milestones and deadlines
2

Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of risk & security manager. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for risk & security manager
  • Assisting the Director of Corporate Security and Business Continuity in preparing annual strategic plan
  • Manages the creation and execution of the Enterprise Security Risk Strategy
  • Act as a liaison to business owners to coordinate and manage security and risk management activities as required
  • Work with IT, QA, Regulatory, CIA and business colleagues to ensure audit readiness and to prepare for internal and external audits
  • Facilitate education and training to the organization on Information Security & Risk Management procedures and controls
  • Provide leadership, drive employee engagement, and drive a focus on Talent Development within ISRM to develop a diverse, regional IT talent pipeline
  • Manage security vendor partnerships and contracts
  • Review and approve security project proposals, specifications, drawings and quotations
  • Create and manage access control credentials for associates in the NY Corporate Office and maintain the access card database
  • Manage the Business Continuity emergency messaging system, Send Word Now
Qualifications for risk & security manager
  • Experienced in Control verification or Control Testing and Threat and Vulnerability Assessments
  • An understanding of corporate security, specifically physical, personnel and travel security
  • Experience of delivering security projects and security improvement plans
  • Knowledge of good practice for security risk management, security governance and security policy
  • Knowledge of industry standards for physical security and security risk management
  • Strong analytical, report writing and presentational skills
3

Job Description Example
Our company is searching for experienced candidates for the position of risk & security manager. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for risk & security manager
  • Coordinate and oversee emergency management plans for recovery, decision making and communications, continuity of critical departmental processes, or temporary shut-down of non-critical departments or sites to ensure continuity of operation and governance
  • Accountability of all personnel during any incident at the site or during in-country travel
  • Initial Management of any security incident
  • Act as Missed Comms Checker (MCC)
  • Ensure all personnel carry out PPE policy
  • Provide verbal and written notification of any incident and/or casualty
  • Initiate Comms Black during an incident
  • (MSI) Manage Serious Incident initial phase (first hours)
  • Attend any meetings – Take notes for back brief
  • Production and electronic submission of personnel status (Perstats) including a daily email to distribution list
Qualifications for risk & security manager
  • Experience of managing delivery teams
  • 2 years of experience with PCI controls and compensating controls
  • At least 3 years' experience in IT Security/IT Risk/Information Security/Technology Risk
  • Understanding of Information Security and Risk Management
  • Experience in deploying or managing security operations tools (firewall, IDS/IPS, SIEM, vulnerability management, URL filtering, malware defense)
  • ISO 27001 & SOC audit related work experience
4

Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of risk & security manager. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for risk & security manager
  • Attend any force protection and all intelligence briefings and daily project meetings
  • Reporting to the EMEA Deputy Regional Security Manager in the EMEA Office of Global Security based in London
  • Conduct physical security risk management in support of the OGS core mission to protect the firm's people, assets, and reputation
  • To support the effort to ensure compliance with OGS standards and policies
  • To support the oversight of operational policies and procedures
  • Managing EMEA Security Vendor contracts as required
  • Liaising with OGS Project Group to ensure mutual consultation and awareness on current projects
  • Assisting in the oversight and coordination of event management, executive protection, event security and travel security
  • Staff support to the production of OGS standards and policies in coordination with Fire & Life Safety, Security Technology, Security Operations and Business Assurance
  • Involvement in the writing and coordination of geo-political security briefs
Qualifications for risk & security manager
  • Mitigating security controls (i.e., anti-virus, IPS/IDS, email filtering, web site blocking, patching) and how they work in an overall defense in depth risk assessment methodology
  • Security event and incident handling
  • Technology Platforms (Windows, Open Source, Middleware Applications, Database Applications, Adobe) - specifically as they apply to successful security control mitigation and particularly to vulnerability management
  • At least 5 years of experience in a security, intelligence or strategic planning role, either with a government agency or the private sector
  • At least 8 years' experience in the area of IT, Information Protection, Cyber Security, or IT Audit, including at least 3 years' experience in a leadership capacity with experience working with business leaders regarding security risk topics
  • Demonstrated ability to develop and present risk information to all levels of an organization
5

Job Description Example
Our innovative and growing company is hiring for a risk & security manager. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for risk & security manager
  • Act as security risk management “ambassador” to both internal and external customers
  • To develop and maintain a Global Workplace Security & Risk Management to create phenomenal workplace experience through partners and vendors
  • To communicate with internal stakeholders & leaders to ensure alignment with the regional expectations and smooth execution
  • To develop programs that will scale, based upon changing business requirements
  • To create and maintain policies, procedures and protocols for the Security & Risk Management globally, which are in-line with LinkedIn’s culture, values and priorities
  • To liaise with cross-functional organizations/stakeholders to support Event Security Programs with a goal of zero incidents
  • To develop and maintain a Talent Development Program for Security and Risk Management that ensures the Security & Risk Management program has appropriate talent depth in all key roles (both internal and contracted)
  • To establish a robust operations plan for the Global Security Operations Center and to establish a continuous improvement program
  • To manage Workplace Security & Risk Management that complies with local regulations and LinkedIn policies
  • To understand regional business strategies (as communicated by the Regional Workplace Leaders) and to translate them to program and system requirements, with the objective to deliver the necessary services proactively
Qualifications for risk & security manager
  • Candidate should demonstrate a strong knowledge of security controls, security risk and the ever changing security threat landscape
  • Experience working with operating company/sector required
  • Experience working in ASPAC region and understanding of local/regional regulations
  • Experience managing internal and external IT audits required
  • Experience managing a SOX 404 program for IT required
  • Change leadership expertise required
