Sr. Security Risk Manager
1 week ago
This position is hybrid and will be in office three days/week in the following cities:
Atlanta, GA - Burlington, MA - Austin, TX - Salt Lake City, UT - McLean, VA
The Opportunity
Our client's GRC team within Information Security plays a crucial role in supporting their mission. They ensure they meet their duty of care to their customers, employees, and partners by creating effective governance for upholding internal security policies, distributing foundational security expertise across every department to create a strong security culture, and bolstering customer and community trust by providing accessible and transparent information about their internal security program. This role engages regularly with other cross functional teams such as Legal, IT, HR, Sales, Finance and other executive teams.
They're looking for a Senior Security Risk Manager to help advance their security risk and third party risk programs, helping them operationalize their risk management program alongside the third party risk program by implementing and managing companywide risk assessments, managing the risk register, and operationalizing a risk methodology that works across the enterprise. Security and third party risk are cross-cutting focus areas that impact all parts of the business, and this manager will be responsible for not only maintaining and fleshing out the existing program, but also seeking out areas in which the program should advance and mature.
Your profile:
Are you looking for a new opportunity to grow your career in information security, while being hands-on, applying your compliance & governance skills to the client's rapidly maturing company-wide security governance programs? Do you want to have a direct impact on a risk management program?
If you've been answering “yes” to these questions, then you might be the person we're looking for Keep reading below to learn more about this unique opportunity to drive impact on a security team at a security company.
What You'll Do:
- Guide and advise other teams on the responsibilities of implementing security controls, policies, and processes across products and corporate environments
- Build positive relationships with partner teams in Marketing, Legal, Sales, Customer Success, HR, and other teams to continuously improve internal security culture and external awareness of the security program
- Help create metrics to demonstrate the efficiency and effectiveness of the Security risk program and to inform continuous program improvements
- Evolve risk management practices to be more transparent, highly efficient, easy for stakeholders to engage with, and centered around objective evidence and data
- Build data pipelines and metrics (KPIs, KRIs, KCIs) that provide real-time insight into risk posture
- Develop, streamline, automate, and integrate security review processes (threat modeling, secure design reviews, etc.) and risk management processes (identification assessment analysis reporting)
- Empower technical teams to efficiently self-serve security review processes, such as threat modeling
- Identify and assess risk scenarios using qualitative and quantitative methods
- Co-create risk mitigation and remediation plans with InfoSec and partner team subject matter experts
What You'll Bring
- Senior level experience typically gained in 6-8 years working in Security Risk and Third Party Risk
- Experience with risk assessments and advisory functions
- Experience with risk rating methodologies
- Experience recommending mitigating controls and driving risk remediation
- Experience reporting on risks and program operations to management
- Expert knowledge of security risk management practices (inc. 3rd party).
- Ability to operate various security risk management processes & tooling
- Solid understanding of security risk and control frameworks such as ISO 27001, ISO 27701,NIST SP 800-53, and NIST SP 800-30
- Solid understanding of cloud security architectures, technologies, and security controls
Additional Qualifications:
- Required Education / Experience:
- 6+ years' experience of related work with management experience, specifically building and running risk and third party risk programs for technology companies
- Bachelors' degree in Business, Computer Science, or related field
- Occasional travel required
Required Certifications / Experience:
- ISO27001 (supporting certification efforts)
- SOC2 (supporting certification efforts)
- Secure Controls Framework (mapping and execution)
- Information security certification or risk management certifications preferred (CISA, CISM, CRISC, CISSP)
- Experience building metrics using business intelligence, data analytics, or dashboarding tools (PowerBI)
Preferred Certifications / Experience:
- Experience using and administering various audit and GRC-focused technology platforms
- Experience leading enterprise risk management functions
Additional pluses:
- Market conform salary + success-oriented bonus
- Total comp package expected to land between 190-230K including base, bonus, and stock
- Supportive and engaged leadership team
- 401(k) plan, full benefits package available
- Company paid Disability and Life Insurance
- Hybrid work environment
-
Director of Governance, Risk, and Compliance
1 week ago
Burlington, United States Cedar Gate Technologies Inc Full timeJob DescriptionJob DescriptionJob Location: Hybrid Remote in our office in Burlington, MA, or Fully Remote in the USAPosition SummaryReasons you will want this position:We are a rapidly growing company with limitless career growth and advancement for top performersOur culture appreciates and rewards creative ideas, especially those that achieve better...
-
Director of Governance, Risk, and Compliance
17 hours ago
Burlington, United States Cedar Gate Technologies Inc Full timeJob DescriptionJob DescriptionJob Location: Hybrid Remote in our office in Burlington, MA, or Fully Remote in the USAPosition SummaryReasons you will want this position:We are a rapidly growing company with limitless career growth and advancement for top performersOur culture appreciates and rewards creative ideas, especially those that achieve better...
-
Burlington, United States CareerBuilder Full timeThe JPMC Global Security Department (GS) provides physical security, protection, investigation, resiliency, and crisis management services in support of the company, its employees, customers, assets, and facilities throughout the world. This responsibility includes the development and implementation of security and safety policies and procedures, regulatory...
-
Supervisory Transportation Security Specialist
Found in: Talent US 2 C2 - 1 week ago
Burlington, United States Transportation Security Administration Full timeSummary Securing Travel, Protecting People - At the Transportation Security Administration, you will serve in a high-stakes environment to safeguard the American way of life. In cities across the country, you would secure airports, seaports, railroads, highways, and/or public transit systems, thus protecting America's transportation infrastructure...
-
Sr Test Lead
3 days ago
Burlington, United States Diverse Lynx Full timeRole: Sr Test Lead / SDETLocation: Burlington MA - Onsite Skill: SDET, Selenium, Java. Job description: Sr Test Lead / SDET with 8+ years of strong testing & development (Java) background.Experience in automation tools/framework.Experience in Selenium & Java.Profound knowledge in SQL.Ability to work in fast paced environment.Extensive knowledge in creating a...
-
Sr. Software Engineer
Found in: beBee S US - 2 weeks ago
Burlington, United States Smartsoft International Full timeTitle Sr. Software Engineer Position Type C2H Location Burlington VT United States (Relocation OK)DescriptionAs a Sr. Software Engineer on the Marketing and Advertising Release Train you will work in a collaborative agile team environment that encourages you to perform at your best and challenges you to engineer elegant solutions for complex business...
-
Sr. Software Engineer
Found in: beBee jobs US - 2 weeks ago
Burlington, Vermont, United States Smartsoft International Full timeTitle Sr. Software Engineer Position Type C2H Location Burlington VT United States (Relocation OK)DescriptionAs a Sr. Software Engineer on the Marketing and Advertising Release Train you will work in a collaborative agile team environment that encourages you to perform at your best and challenges you to engineer elegant solutions for complex business...
-
Information System Security Officer
Found in: Dice One Red US C2 - 1 week ago
Burlington, United States John Galt Staffing Full timeThe team is in need of ISSO candidates to continue work within the Cyber Security Team supporting Air Force programs. RESPONSIBILITIES:- Assist and Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).- Continuously validate the organization against...
-
Information Security Analyst
1 week ago
Burlington, United States IXIS, LLC Full timeJob DescriptionJob DescriptionSalary: IXIS is seeking an information security analyst to join our team that is developing cutting-edge, custom analytics and dashboarding solutions. In this role, you will collaborate with senior leadership and all departments within the organization to establish, monitor and test security policies and practices for the entire...
-
Information Security Analyst
16 hours ago
Burlington, United States IXIS, LLC Full timeJob DescriptionJob DescriptionSalary: IXIS is seeking an information security analyst to join our team that is developing cutting-edge, custom analytics and dashboarding solutions. In this role, you will collaborate with senior leadership and all departments within the organization to establish, monitor and test security policies and practices for the entire...
-
Sr. Licensed Architect
1 week ago
Burlington, United States Robson Forensic Full timeJob DescriptionJob DescriptionSENIOR LICENSED ARCHITECTDo you want to use your training, education, and experience in a new and meaningful way?If so, we are looking for a Sr. Licensed Architect to provide investigation, analysis, reports, and testimony where technical and scientific answers are needed to help resolve civil litigation and insurance claims. ...
-
Clinical Trial Associates
1 week ago
Burlington, United States Cardurion Pharmaceuticals, Inc Full timeJob DescriptionJob DescriptionDescription:Why join Cardurion Pharma?At Cardurion, we are advancing the understanding of signaling pathways that regulate heart cell function. Our programs seek to modulate these pathways to reverse the pathophysiological mechanisms that drive cardiovascular disease. We invite you to explore our website to learn more about our...
-
Clinical Trial Associates
17 hours ago
Burlington, United States Cardurion Pharmaceuticals, Inc Full timeJob DescriptionJob DescriptionDescription:Why join Cardurion Pharma?At Cardurion, we are advancing the understanding of signaling pathways that regulate heart cell function. Our programs seek to modulate these pathways to reverse the pathophysiological mechanisms that drive cardiovascular disease. We invite you to explore our website to learn more about our...
-
Manager, Engineering
1 week ago
Burlington, United States Veracode Full timeOne of the things we pride ourselves on is the culture we create that allows us to draw the best talent to our organization. It's our responsibility as leaders to foster an environment that invites innovation, creativity, and an opportunity to develop and demonstrate strong command of functional excellence for the folks we employ. The Web Application...
-
Hardware Engineering Manager
Found in: Dice One Red US C2 - 1 week ago
Burlington, United States BAE Systems Full timeJob Description Because this role involves a combination of collaborative/in-person and independent work, it will take the form of a hybrid work format, with time split between working onsite and remotely. BAE Systems is seeking a Design Verification Manager to work within our Electronic Systems business area leading a Design Verification (DV) group. We are...
-
Sr Software Engineer
1 week ago
Burlington, United States Veracode Full timeVeracode is seeking an enthusiastic, motivated engineer who shares our vision to secure the world's software and who has the passion to be a strong contributor on a high performance team. Microservices, Continuous Delivery, and DevOps in the Cloud are our pillars of success to achieve this vision. As a member of the team you will participate in agile...
-
Security Solutions Engineer
1 week ago
Burlington, United States Planet Technology USA Full timeAs a Solutions Engineer, you'll be instrumental in driving the success of our Physical Security Information Management (PSIM) software. Our software integrates data from various security technologies and hardware, such as CCTV surveillance, intruder detection, access control systems, and video walls. What you'll do; Contribute to large-scale, resilient...
-
Sr Programmer/Analyst
Found in: Talent US C2 - 1 week ago
Burlington, United States Labcorp Drug Development Full timeDescription : Sr. IT Tech Specialist Provide technical solutions and requirements to support current software plus new projects to the Labcorp Laboratory System. This includes developing interfaces with internal Labcorp niche systems, acquisitions, external hospital Laboratory Information Systems (LIS) and external Referral Laboratories. Ensures...
-
Sr Programmer/Analyst
1 week ago
Burlington, United States LabCorp Full timeLabcorp is recruiting a Senior Programmer Analyst for a dynamic team in either Burlington or Durham, NC. Job Description: Sr. IT Tech Specialist Provide technical solutions and requirements to support current software plus new projects to the Labcorp Laboratory System. This includes developing interfaces with internal Labcorp niche systems, acquisitions,...
-
Security Solutions Engineer
Found in: Appcast US C2 - 2 weeks ago
Burlington, United States Planet Technology Full timeAs a Solutions Engineer, you'll be instrumental in driving the success of our Physical Security Information Management (PSIM) software.Our software integrates data from various security technologies and hardware, such as CCTV surveillance, intruder detection, access control systems, and video walls. What you'll do;Contribute to large-scale, resilient...