Sr. Manager, IT Risk Management

3 weeks ago


Richmond, United States CarMax Full time

Do you want to play a key role in enhancing the Cybersecurity program for a Fortune 200 company and national brand that has also been listed on the Fortune 100 Best Places to Work for the past 20 years in a row? Do you enjoy working in a collaborative environment where your experience and ideas can shape the direction and development of critical cybersecurity information risk management capabilities?


Do you want to work with a team of talented professionals that have highly advanced technical knowledge and be the subject matter expert in information security risk management, third party risk management, and business continuity?

Then your job search begins and ends here…

I. BRIEF POSITION SUMMARY:

The Information Risk Manager is a critical leadership role that demands a comprehensive blend of technical expertise and strategic relationship management across information risk functions, including information security risk management, third party risk management, privacy operations, and business continuity. This individual is tasked with leading the development, implementation, and continuous refinement of an Information Risk Management framework, aligning with industry standards such as ISO 27001/2 and NIST 800-30. Beyond technical responsibilities, this role is pivotal in fostering strong relationships with stakeholders, including business owners, regulatory bodies, third-party vendors, and internal teams, to ensure cohesive risk management strategies. The Information Risk Manager will oversee security policies, conduct risk assessments, manage security awareness training, and lead initiatives in business continuity, third-party security due diligence, and cyber regulatory readiness. This role serves as the information risk subject matter expert and strategic advisor in all facets of information risk management to all levels across the organization.

II. THE DAY TO DAY

  • Lead the adoption and adaptation of a comprehensive information risk management framework, integrating privacy operations, security controls design & implementation, and continuous improvement mechanisms, while maintaining strong leadership and stakeholder relationships.
  • Develop and manage security policies and procedures, ensuring compliance with legal, regulatory, and industry standards.
  • Conduct thorough risk assessments, identifying potential threats and vulnerabilities, and implement robust security measures to protect organizational assets, with a focus on transparent communication and collaboration with stakeholders.
  • Oversee the design and delivery of security awareness training and communications programs, enhancing the security culture within the organization and engaging with stakeholders to ensure widespread adoption and understanding.
  • Manage business continuity risk & resiliency planning, ensuring the organization's ability to operate during and recover from adverse events, while working closely with stakeholders to align continuity plans with business needs.
  • Conduct third-party security due diligence and vendor risk assessments to safeguard against third-party risks, collaborating with stakeholders to ensure third-party practices align with organizational security standards.
  • Lead cyber regulatory readiness initiatives, preparing the organization for compliance with current and future security and privacy regulations, and engaging with regulatory stakeholders to ensure alignment and readiness.
  • Engage in strategic board reporting, providing insights and updates on the organization's security posture and risk management efforts, and fostering strong relationships with leadership to support informed decision-making.
  • Foster a culture of continuous improvement, regularly reviewing and enhancing security and risk management practices, with a focus on stakeholder feedback and collaboration to drive organizational resilience and security.

III. EDUCATION AND/OR EXPERIENCE

  • Bachelor’s degree in Technology, Computer Science, Business, or a related field.
  • Master’s degree or relevant professional certification (e.g., CRISC, CIA, CIPP, CISM, GIAC, CISSP) is preferred. CRISC and CISA required.
  • A minimum of 10 years of leadership experience in information risk management or a similar role, with a focus on leadership and stakeholder management.
  • Proven expertise in information security, information risk management, and compliance frameworks (NIST, CIS, ISO 27001/2, etc.).
  • Demonstrated leadership in privacy operations, security awareness training, business continuity, and third-party risk management, with a track record of successful stakeholder engagement and collaboration.
  • Strong understanding of cyber regulatory environments and experience in senior leadership reporting and communication, with the ability to build and maintain effective stakeholder relationships.
  • Extensive experience in information risk assessment, policy development, and incident response management, with a focus on strategic stakeholder communication and collaboration.
  • Excellent communication skills, with the ability to effectively lead teams, influence stakeholders, and drive organizational change through strong leadership and stakeholder relationships.
  • Excellent analytical, problem-solving, and decision-making skills; high level of accuracy and attention to detail.
  • Strong leadership and organizational skills; ability to manage multiple projects and teams in a fast-paced environment.
  • Exceptional interpersonal and communication skills, both written and verbal, with the ability to explain complex compliance issues to stakeholders at all levels.
  • Demonstrated leadership - ability to gain consensus across teams without direct reporting responsibility.
  • Strong leadership skills, with the ability to manage and mentor a team of risk management professionals.
  • Dedication and commitment to top-quality service and to exceeding customer expectations.
  • Proven ability to influence, without authority, the information risk management direction of others.
  • Ability to build relationships that help overcome obstacles and time constraints to successfully deliver remediation to completion.


IV. WORK ENVIRONMENT

This role operates in a dynamic, fast-paced office setting, reporting directly to the VP, Chief Information Security Officer. The environment demands high levels of focus, collaboration, adaptability, and strategic stakeholder engagement to manage multiple, simultaneous demands and ensure the organization's security risk and compliance posture.


