Govserviceshub

Information Security Risk Compliance Manager

Govserviceshub, New York, New York, US, 10261


New York, United States | Posted on 09/26/2025

Job Title: Information Security Risk Compliance Manager

Location: NYC, NY

Description

Seeks an Information Security Risk Compliance Manager who will have the responsibility for several functions associated with IT security – from ensuring the security of software to selecting and/or constructing and deploying broader network security systems.

Scope of Work

Objectives:

The Information Security Risk Compliance Manager oversees the organization's efforts in

Compliance management,

Security awareness and training,

Security audits and assessments, reporting and communication, continual improvement, and cross-functional collaboration.

Their role is to ensure that the organization's systems, networks, and processes are secure, compliant with regulations and standards, and aligned with organizational goals and objectives.

Requirements

Responsibilities:

Conduct risk assessments to identify potential threats and vulnerabilities to the organization.

Develop and implement risk management strategies and policies to mitigate identified risks.

Monitor and evaluate risk exposure across various departments and business units.

Coordinate with stakeholders to ensure compliance with regulatory requirements and industry standards.

Communicate risk management strategies and findings to senior management and relevant stakeholders.

Lead the development and maintenance of the organization's risk register and risk management framework.

Provide guidance and support to departments and teams in implementing risk mitigation measures.

Conduct training and awareness programs on risk management principles and practices.

Continuously monitor and review the effectiveness of risk management strategies and adjust as necessary.

Stay updated on emerging risks and industry trends to proactively address potential threats to the organization.

Maintain and enhance the company-wide security awareness program.

Take ownership of establishing and enforcing security standards both within the team and across the organization. Work proactively and collaboratively to achieve change management and buy-in.

Compliance Management: Ensure compliance with relevant regulations, standards, and frameworks such as GDPR, HIPAA, ISO 27001, NIST, etc., by establishing and maintaining appropriate controls and processes.

Risk Mitigation: Develop and oversee risk mitigation strategies and controls to address identified security risks, including implementing technical controls, security best practices, and security awareness training programs.

Incident Response: Develop and implement incident response plans and procedures to effectively respond to and manage security incidents, including data breaches, cyberattacks, and security breaches.

Vendor Risk Management: Assess and manage risks associated with third-party vendors and service providers, including evaluating their security posture, conducting due diligence assessments, and ensuring contractual compliance.

Cross-functional collaboration: Collaborate with IT teams, legal, HR, compliance, and other departments to ensure a holistic approach to information security risk management and compliance.

Continual Improvement: Monitor industry trends, emerging threats, and regulatory changes to ensure that the organization's information security risk and compliance programs remain up-to-date and effective.

Preferred Skills:

Excellent verbal and written communication skills.

Ability to work both independently and as part of a team.

Knowledge of Networking (Firewall, Networking Protocols)

Working knowledge of Frameworks

Working knowledge of Information Security Domains
