Risk & Security Manager Job Description
Risk & Security Manager Duties & Responsibilities
To write an effective risk & security manager job description, begin by listing detailed duties, responsibilities and expectations. We have included risk & security manager job description templates that you can modify and use.
Sample responsibilities for this position include:
Risk & Security Manager Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Risk & Security Manager
List any licenses or certifications required by the position: CISSP, CISM, CISA, CRISC, PMP, GSEC, DSS, PCI, ISO, CFE
Education for Risk & Security Manager
Typically a job would require a certain level of education.
Employers hiring for the risk & security manager job most commonly prefer candidates with a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Information Security, Information Systems, Management, Engineering, Education, Information Technology, Business, Technology, or Information Assurance.
Skills for Risk & Security Manager
Desired skills for risk & security manager include:
Desired experience for risk & security manager includes:
Risk & Security Manager Examples
Risk & Security Manager Job Description
- Identify key findings related to suppliers' and suppliers' subcontractors' compliance with the contractual obligations under the HIPAA Privacy and Security Rule, including recent amendments from the Omnibus Rule
- Supporting the engagement director or partner
- Building and maintaining client relationships to support and lead the sales process
- Managing the engagement lifecycle
- Identify and develop potential new product lines or service opportunities
- Partner with the UK ISRM Intent Lead to aid accurate definition of intent, delivery approach and milestones that meet local requirements and Enterprise needs/goals
- Initiate, plan, execute, and close on various existing security projects by working closely with various sub-teams within ISRM
- Work with each security focus area to identify long term vision and high level strategy, break this down into prioritized projects, figure out resource allocation, and help ensure continuous progress
- Direct or indirect support to intelligence, investigations, travel security, health, safety and security compliance programs
- Providing strategic guidance to the Director of Corporate Security and Business Continuity and developing detailed work plans for the completion of tasks and programs
- Ability to ensure appropriate availability and reliability of GRC components (e.g., software, infrastructure and services) through day-to-day support and operations
- Prior agency experience strongly preferred
- A Bachelor's degree, relevant certifications (e.g., CISA, CRISC, CISSP, and/or CISM)
- 1-3 years of related experience in third party risk or contract management
- Strong follow-up, attention to detail, and organizational skills and the ability to manage priorities effectively
- Strong organizational, project management and multi-tasking skills with a successful track record of managing expectations, delivering results, and meeting milestones and deadlines
Risk & Security Manager Job Description
- Assisting the Director of Corporate Security and Business Continuity in preparing annual strategic plan
- Manages the creation and execution of the Enterprise Security Risk Strategy
- Act as a liaison to business owners to coordinate and manage security and risk management activities as required
- Work with IT, QA, Regulatory, CIA and business colleagues to ensure audit readiness and to prepare for internal and external audits
- Facilitate education and training to the organization on Information Security & Risk Management procedures and controls
- Provide leadership, drive employee engagement, and drive a focus on Talent Development within ISRM to develop a diverse, regional IT talent pipeline
- Manage security vendor partnerships and contracts
- Review and approve security project proposals, specifications, drawings and quotations
- Create and manage access control credentials for associates in the NY Corporate Office and maintain the access card database
- Manage the Business Continuity emergency messaging system, Send Word Now
- Experienced in Control verification or Control Testing and Threat and Vulnerability Assessments
- An understanding of corporate security, specifically physical, personnel and travel security
- Experience of delivering security projects and security improvement plans
- Knowledge of good practice for security risk management, security governance and security policy
- Knowledge of industry standards for physical security and security risk management
- Strong analytical, report writing and presentational skills
Risk & Security Manager Job Description
- Coordinate and oversee emergency management plans for recovery, decision making and communications, continuity of critical departmental processes, or temporary shut-down of non-critical departments or sites to ensure continuity of operation and governance
- Accountability of all personnel during any incident at the site or in-country travel
- Initial Management of any security incident
- Act as Missed Comms Checker (MCC)
- Ensure all personnel carry out PPE policy
- Provide verbal and written notification of any incident and/or casualty
- Initiate Comms Black during an incident
- (MSI) Manage Serious Incident initial phase (first hours)
- Attend any meetings – Take notes for back brief
- Production and electronic submission of personnel status (Perstats) including a daily email to distribution list
- Experience of managing delivery teams
- 2 years of experience with PCI controls and compensating controls
- At least 3 years' experience in IT Security/IT Risk/Information Security/Technology Risk
- Understanding of Information Security and Risk Management
- Experience in deploying or managing security operations tools (firewall, IDS/IPS, SIEM, vulnerability management, URL filtering, malware defense)
- ISO 27001 & SOC audit related work experience
Risk & Security Manager Job Description
- Attend any Force protection and all intelligence briefings & daily project meeting
- Reporting to the EMEA Deputy Regional Security Manager in the EMEA Office of Global Security based in London
- Conduct physical security risk management in support of the OGS core mission to protect the firm's people, assets, and reputation
- To support the effort to ensure compliance with OGS standards and policies
- To support the oversight of operational policies and procedures
- Managing EMEA Security Vendor contracts as required
- Liaising with OGS Project Group to ensure mutual consultation and awareness on current projects
- Assisting in the oversight and coordination of event management, executive protection, event security and travel security
- Staff support to the production of OGS standards and policies in coordination with Fire & Life Safety, Security Technology, Security Operations and Business Assurance
- Involvement in the writing and coordination of geo-political security briefs
- Mitigating security controls (i.e., anti-virus, IPS/IDS, email filtering, web site blocking, patching) and how they work in an overall defense in depth risk assessment methodology
- Security event and incident handling
- Technology Platforms (Windows, Open Source, Middleware Applications, Database Applications, Adobe) - specifically as they apply to successful security control mitigation and particularly to vulnerability management
- At least 5 years of experience in a security, intelligence or strategic planning role, either with a government agency or the private sector
- At least 8 years' experience in the area of IT, Information Protection, Cyber Security, or IT Audit, including at least 3 years' experience in a leadership capacity with experience working with business leaders regarding security risk topics
- Demonstrated ability to develop and present risk information to all levels of an organization
Risk & Security Manager Job Description
- Act as security risk management “ambassador” to both internal and external customers
- To develop and maintain a Global Workplace Security & Risk Management to create phenomenal workplace experience through partners and vendors
- To communicate with internal stakeholders & leaders to ensure alignment with the regional expectations and smooth execution
- To develop programs that will scale, based upon changing business requirements
- To create and maintain policies, procedures and protocols for the Security & Risk Management globally, which are in-line with LinkedIn’s culture, values and priorities
- To liaise with cross-functional organizations/stakeholders to support Event Security Programs with a goal of zero incidents
- To develop and maintain a Talent Development Program for Security and Risk Management that ensures the Security & Risk Management program has appropriate talent depth in all key roles (both internal and contracted)
- To establish a robust operations plan for the Global Security Operations Center and to establish a continuous improvement program
- To manage Workplace Security & Risk Management that complies with local regulations and LinkedIn policies
- To understand regional business strategies (as communicated by the Regional Workplace Leaders) and to translate them to program and system requirements, with the objective to deliver the necessary services proactively
- Candidate should demonstrate a strong knowledge of security controls, security risk and the ever-changing security threat landscape
- Experience working with operating company/sector required
- Experience working in ASPAC region and understanding of local/regional regulations
- Experience managing internal and external IT audits required
- Experience managing a SOX 404 program for IT required
- Change leadership expertise required