Security Risk Assessor

Security Risk Assessor

Location: Remote

Compensation: $90,000 - $150,000 per year, depending on experience and qualifications.

Employment Type: Full-Time

What you can expect as a Senior Security Risk Assessor at Fortress:

The Security Risk Assessor, Cybersecurity TPRM role is an individual contributor role responsible for the timely and effective review of security assessments in accordance with service level agreements and quality standards, as well as training and overseeing the work product of less experienced staff.

Disclaimer: We aren't hiring for this role just yet, but we expect to in the future. If you're interested in being considered when the role becomes available, we encourage you to submit your application. We appreciate your interest.

Responsibilities include:

• Consistently deliver on assigned workload, commitments, deadlines and objectives while following established service level agreements in scope and leveraging appropriate tools, methods, frameworks, and professional standards.
• Continuously demonstrate the ability to work independently while representing the services of the department with the highest level of professionalism.
• Collaborate with internal partners and third parties to enhance, mitigate, and resolve third party risks.
• Represent Fortress as a key first point of contact to our clients and their third parties.
• Execute the Validated Controls Assessment (VCA) workflow for your assigned clients.
• Perform issue remediation reviews to include identification of findings, coordinating plans and dates with the vendors, and reviewing evidence submitted to recommend closure of findings.
• Support Managers and Account Leaders with account management activities as needed.
• Other duties as assigned.

Minimum Qualifications:

• Must have at least 2 years of proven working experience in cybersecurity control reviews, operational risk management, information security, crisis management, security standards/assessments, or risk management. (Required)
• Experience in a customer/client-facing environment.
• Experience working in highly regulated industries, such as financial services, energy, and/or healthcare.
• Solid understanding of risk management concepts, particularly around information security, IT general controls, and basic audit terminology and concepts.
• Understanding of information security frameworks (e.g., NIST 800-53, NIST CSF, ISO
• Attention to detail, sound judgment, logical thinking, and proven ability to follow established scripts/consistency models, drive tasks to completion, meet deadlines in a fast-paced environment, and adapt to a changing business environment with periodic supervision.
• Demonstrated professional communication and client relationship skills.
• Strong computer skills, including Microsoft Office Suite and Google products (e.g., Word, Excel, Gmail) and other business software.
• Ability to leverage AI tools and independently use and refine prompts to enhance the quality, efficiency, and insight of regular work processes.
• Ambition, drive, sharp vision, and a great attitude.

Preferred Experience:

• Big 4 experience.
• Record of accomplishment of success as a top performer.
• Experience working in highly regulated industries, such as: Financial services (PCI, GLBA), Energy (NERC CIP), or Healthcare (HIPAA).
• Proven experience effectively prioritizing schedules and flexing workload to meet tight deadlines and challenging work objectives.
• Certification in security or risk management (CTPRP, CRISC, CISA, CISSP, Security+).

Education:

• Associate Degree required.
• Bachelor's degree preferred.

Employee Benefits:

• Remote and Hybrid working environment
• Competitive pay structure
• Medical, dental, vision plans with employees covered up to 90% with highly progressive options for dependents and families
• Company paid life, short- and long-term disability insurance
• Employee Assistance Program
• 401(k) match
• Flexible Paid Time Off
• Parental Leave
• Access to thousands of Learning & Development courses that range from mental health and wellbeing, stress, and time management to an array of technical and business-related courses

Employment Perks:

• We provide each employee with professional growth opportunities through succession planning, up-skilling, and certifications
• Tuition and certification reimbursement
• Employee Referral Programs
• Company Sponsored Events

Fortress is proud to be an Equal Opportunity Employer. All employees and applicants will receive consideration for employment without regard to age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law. Fortress Information Security takes part in the E-Verify process for all new hires.

For positions located in the US, the following conditions apply. If you are made a conditional offer of employment, you will have to undergo a drug test. ADA Disclaimer: In developing this job description care was taken to include all competencies needed to successfully perform in this position. However, for Americans with Disabilities Act (ADA) purposes, the essential functions of the job may or may not have been described for purposes of ADA reasonable accommodation. All reasonable accommodation requests will be reviewed and evaluated on a case-by-case basis.