Derived from job-description analysis by Serendipath's career intelligence engine.
Original posting from Aditi Consulting
Payrate
$59.00 - $62.00/hr.
Summary
In this role you will identify, assess, and mitigate information security and technology risks across our organization’s infrastructure, applications, and business processes. This role combines technical expertise with business acumen to protect our digital assets while enabling business objectives. This position is highly collaborative, and will involve developing close working partnerships with engineering, architecture, risk management, compliance, legal, communications, government relations, and oversight teams.
Responsibilities
- In your day‑to‑day role you will serve as the dedicated Risk Manager for an assigned technology portfolio, owning end‑to‑end issue and risk management lifecycle including identification, triage, documentation, remediation planning, and closure validation, while partnering with functional areas across the technology organization to manage the Enterprise issue and risk remediation programs.
- Own and drive risk reduction for your assigned portfolio, ensuring all identified risks and control gaps are accurately logged, prioritized by severity and business impact, assigned to accountable owners, and tracked through to resolution within defined SLAs.
- Recognized as a security expert, independently resolving the most complex security challenges and providing strategic direction on problem resolution across the security and technology domain.
- Possess a keen awareness of the broader impact of decisions, with initiatives often leading to enterprise‑wide improvements that enhance security practices and operational efficiency.
- Partner with team members through complex challenges, while maintaining a focus on high‑impact results.
What do you need to bring
- Knowledge of current and emerging information technologies (e.g., AI / ML); cybersecurity threats and vulnerabilities; risk management processes and practices; industry standard control frameworks and best practices (e.g., NIST, ISO); and prominent cybersecurity and privacy regulations globally.
- Strong work ethic with proven ability to learn quickly, prioritize work, and manage complex deliverables to completion under established deadlines.
- Willingness to drill down into complex topics as needed to understand and validate key tactical or technical details with strategic level implications, and ability to identify and articulate those "big picture" considerations for key audiences.
- Superb consultative, adjudicative, investigative, and influencing skills, including business acumen, stakeholder empathy, and conflict resolution, as well as general comfort working in a dynamic, global, fluid, and matrixed working environment.
- Exceptional verbal and written communication and analysis skills, including experience developing high‑quality written analysis, strategy, or policy documents.
- Prior involvement in analysis, interpretation, and communication of legal or regulatory technology policy requirements.
- Practiced at targeting and delivering written work products and verbal presentations to varied audiences (e.g., executives, engineers, customers, regulators, etc.).
- Unquestionable professional and ethical integrity, ideally demonstrated through experience with projects of a sensitive, privileged, or confidential nature.
- Ability to approach and understand problems from a statistical or quantitative perspective and draw meaningful, accurate conclusions, as well as scrutinize models and inferences for misleading or overlooked considerations.
Top 3 must-have hard skills
- Risk and Issue Management and GRC Platform Proficiency
- Control Frameworks and Regulatory Knowledge
- Quantitative Risk Analysis
Nice to Have
- Background in security or technology risk, with the ability to collaborate effectively with the Risk team.
- Strong skills in critical thinking, risk assessment, and risk management, combined with expertise in information security, technology, and cyber risk.
Qualifications
- Master’s Degree in a relevant discipline, such as cybersecurity, business, public policy, economics, statistics, risk management, or computer science; outstanding bachelor’s degree candidates will be considered.
- Certifications preferred: CISM, CISA, CISSP, CGEIT, AAIA, CRISC.
- 5+ years total experience in technology or security governance, policy, risk management, and / or compliance roles.
Pay Transparency
The typical base pay for this role across the U.S. is $59.00 - $62.00/hr. Non‑exempt positions are eligible for overtime at a rate of 1.5 times the base hourly rate for all hours worked in excess of 40 in a work week, or as required by state or local law. Final offer amounts, within the base pay set forth above, are determined by factors including your relevant skills, education and experience. Full‑time employees are eligible to select from different benefits packages. Packages may include medical, dental, and vision benefits, health savings accounts with qualified medical
Source: Aditi Consulting careers