TNT Staffing LLC
Hi
Information Security Risk Compliance Manager will report to the Chief Information Security Officer.

Scope of Work Objectives:
The Information Security Risk Compliance Manager oversees the organization's efforts in:
• Risk assessment, risk mitigation,
• Compliance management,
• Security governance, incident response, vendor risk management,
• Security awareness and training,
• Security audits and assessments, reporting and communication, continual improvement, and cross-functional collaboration.
Their role is to ensure that the organization's systems, networks, and processes are secure, compliant with regulations and standards, and aligned with organizational goals and objectives.

Responsibilities:
• Conduct risk assessments to identify potential threats and vulnerabilities to the organization.
• Develop and implement risk management strategies and policies to mitigate identified risks.
• Monitor and evaluate risk exposure across various departments and business units.
• Coordinate with stakeholders to ensure compliance with regulatory requirements and industry standards.
• Communicate risk management strategies and findings to senior management and relevant stakeholders.
• Lead the development and maintenance of the organization's risk register and risk management framework.
• Provide guidance and support to departments and teams in implementing risk mitigation measures.
• Conduct training and awareness programs on risk management principles and practices.
• Continuously monitor and review the effectiveness of risk management strategies and adjust as necessary.
• Stay updated on emerging risks and industry trends to proactively address potential threats to the organization.
• Maintain and enhance the company-wide security awareness program.
• Take ownership of establishing and enforcing security standards both within the team and across the organization. Work proactively and collaboratively to achieve change management and buy-in.

Deliverables:
• Compliance Management: Ensure compliance with relevant regulations, standards, and frameworks such as GDPR, HIPAA, ISO 27001, NIST, etc., by establishing and maintaining appropriate controls and processes.
• Risk Mitigation: Develop and oversee risk mitigation strategies and controls to address identified security risks, including implementing technical controls, security best practices, and security awareness training programs.
• Incident Response: Develop and implement incident response plans and procedures to effectively respond to and manage security incidents, including data breaches, cyberattacks, and security breaches.
• Vendor Risk Management: Assess and manage risks associated with third-party vendors and service providers, including evaluating their security posture, conducting due diligence assessments, and ensuring contractual compliance.
• Cross-functional collaboration: Collaborate with IT teams, legal, HR, compliance, and other departments to ensure a holistic approach to information security risk management and compliance.
• Continual Improvement: Monitor industry trends, emerging threats, and regulatory changes to ensure that the organization's information security risk and compliance programs remain up-to-date and effective.

Preferred Skills:
• Excellent verbal and written communication skills.
• Ability to work both independently and as part of a team.
• Knowledge of Networking (Firewall, Networking Protocols)
• Working knowledge of Frameworks
• Working knowledge of Information Security Domains
• Working knowledge of Security protocols
• Working knowledge of Cloud computing

(201) 574-3889 Cell Jackie@tntstaffing.com