Information Security Risk Lead
ClientSolv Technologies is an IT solution firm with over a decade of experience serving Fortune 1000 companies, public sector and small to medium sized companies. ClientSolv Technologies is a woman-owned and operated company that is certified as a WMBE, 8a firm by the Federal government's Small Business Administration.
We are seeking an Information Security Risk Lead for a contract-to-hire role in the south Denver area (near I-25 and Lincoln). This role will function as a central Information Security subject matter expert supporting enterprise teams, including mentoring other Information Security GRC team members. You will work within the GRC team to mature the current risk management programs, such as risk assessment execution, control testing and monitoring, and procedure documentation. The Risk Lead will also provide cyber security advice to business partners to effectively manage risk to the business and will validate that security and technology controls are implemented to support business and security requirements.
Primary responsibilities of the Information Security Risk Management Lead include the following:
- Partner with Business Units to identify, analyze and mitigate security risk, internal and third party, associated with activities executed throughout the enterprise.
- Act as team lead across information security risk management activities including internal and third party risks.
- Provide security consultation for new and ongoing enterprise initiatives.
- Consult on defining security policies and best practices.
- Educate and build awareness of security requirements across the organization.
- Improve compliance with security standards and policies across enterprise teams.
- Participate in testing and monitoring of security and privacy controls executed by enterprise teams.
- Lead security enhancement projects focused on new or changing technologies.
- Publish executive-level security reporting across governance, risk, and compliance activities.
- Bachelors Degree (or equivalent experience) and at least 5-8 years of directly related experience.
- Strong understanding of risk mitigation methodologies and regulatory requirements pertaining to information security, privacy, and/or data security.
- Understanding of SOX, PCI, CPNI, CCPA, FACTA and similar IT Compliance and Privacy regulations.
- Experience leading and/or mentor less experienced Information Security Risk team members
- Project Management
- Self-led Learner
- Customer First Mentality
- Strong Adaptability
- Process Documentation Management
- Process Mapping Development
- Presentation Skills
- Communication w Executives
- Team Mentorship
- Can Interpret Regulations and Compliance Requirements
- Thought Leadership
- Cross-functional Team Leadership
- Strategic Thinking and Planning (Team)
- Brand & Team Ambassador
- Solid Risk Management Foundation
- Solid Information Security Foundation
- Solid Security Control Framework Foundation
- General Data Privacy Foundation
- Teach/Educate Risk & InfoSec Principles
- Consult Business on Risk and InfoSec Principles
This contract -to-hire role will be located onsite in the south Denver area.