What are the responsibilities and job description for the Manager Cybersecurity Governance and Risk position at Paul May Associates?
Job Title: Manager, Cybersecurity Governance and Risk
Primary Location: Chicago, Atlanta, NY or DC
Position Type: Direct Hire
Compensation Information
The expected salary range for this position is 150k-185k per year, depending on experience and qualifications. This role also qualifies for comprehensive benefits such as health insurance, company matched 401(k), and paid time off. We are committed to pay transparency and equal opportunity. The salary range provided is in compliance with applicable state and federal regulations.
Overview
Manager, Cybersecurity Governance and Risk. This is a Direct Hire role in Chicago, Atlanta, NY or DC (Remote). The Manager, Cybersecurity Governance and Risk leads IT risk management initiatives to increase transparency of risk impacts to the Firm, manages the Cyber risk register and issues log, facilitates the Risk Operating Committee, and supports the Governance and Risk team in identifying and implementing industry standards (e.g., NIST, ISO and COBIT) in accordance with applicable regulatory or client guidelines.
The role will contribute to evolving ITRM's oversight, reporting, governance, communications, and education efforts from an Information Security perspective. The Manager will also assist in developing methodologies, policies, processes, and tools to support InfoSec and Governance and Risk initiatives.
What You Bring to the Role. (Ideal Experience)
- Bachelor's degree in Information Security, Information Assurance, Computer Science, Information Systems, or other related field (two years of additional experience may be substituted for two years of college credits).
- At least 7 years of combined information technology, information security and risk management experience.
- CISA, CISM, GSEC, CISSP, CRISC or other security-related certification preferred.
- Advanced understanding of risk management concepts, frameworks, and methodologies.
- Strong understanding of information security concepts and technologies.
- Background in consulting preferred.
- Fundamental knowledge of the operation of law practices.
- Advanced knowledge of MS Outlook, Word, Excel, Visio, and PowerPoint.
- Strong project management skills and understanding of the technology and operational risks related to technology solutions.
- Advanced awareness of current information security standards and developments (CSF, NIST, ISO), the COSO framework, as well as the emerging cyber threat landscape.
- Strong understanding of Operational Risk from a Technology perspective.
- Excellent analytical and problem-solving skills, inquisitive nature and comfort challenging current practices.
- Understanding of governance, risk and compliance (GRC) practices and technologies across governance, process and technical domains.
- Third-party assessment experience, including the evaluation of reports such as SOC2 Type 2, SIG, Pen Test, etc.
- Ability to develop and maintain solid working relationships across the departments.
- High-level technical understanding of security applications, platforms and architectures.
What You'll Do. (Skills Used in this Position)
If applying for this role, please take each key point and provide the number of years of experience and what you would rate yourself, 1 through 10 (10 being expert), for each key point. Send your resume and notes on the role to expedite our recruiting services.