Information Security Manager

About The Position

Requirements

• 8 years of experience with risk register design and risk management frameworks.
• 8 years of experience implementing and managing risk scoring and prioritization models.
• 8 years of experience establishing governance processes and workflows in enterprise or public sector environments.
• 8 years of stakeholder engagement and enablement experience, including conducting workshops or training for risk and security management adoption.
• 8 years of demonstrated skill in developing comprehensive documentation and providing effective knowledge transfer to security staff.
• Must be able to pass a background check. May require additional background checks as required by projects and/or clients at any time during employment.
• Exceptional interpersonal skills with the ability to communicate in a clear, professional, and articulate manner.
• Exceptional verbal and written communication skills.
• Excellent organizational, analytical, and problem-solving skills with high-level attention to detail.
• Proven ability to multitask and prioritize in a fast past environment with changing priorities; adaptable to change and a quick learner.
• Must be self-motivated and able to work well independently as well as on a multi-functional team.
• Ability to handle sensitive and confidential information appropriately
• Proficient in MS Office, Word, Outlook, PowerPoint, and Excel.
• Ability to build trust and maintain relationships across technical and business teams.

Nice To Haves

• Additional qualifications, certifications, skills, or experience specific to the client’s requirements may be identified and requested upon award of the task order. Candidates should demonstrate flexibility and a willingness to adapt to evolving responsibilities as outlined by the client.

Responsibilities

• Define and implement end-to-end governance workflows for: Risk identification and intake, Risk review and validation, Risk acceptance, mitigation, or transfer, Ongoing monitoring and periodic reassessment
• Establish roles and responsibilities for risk owners, risk reviewers, and governance bodies.
• Design escalation and reporting processes for high-risk and accepted risks.
• Engage key stakeholders across business, technology, security, and governance functions to validate risk requirements and workflows.
• Facilitate working sessions and workshops to socialize and gain adoption of the risk register and governance processes.
• Support onboarding of initial risks into the enterprise risk register.
• Produce clear, audit-ready documentation covering: Risk register structure and data definitions, Risk scoring methodology, Governance workflows and decision authorities
• Provide comprehensive knowledge transfer to designated security staff to ensure sustainability of processes beyond the contract term.
• Other duties as assigned.

Benefits

• Medical, Dental and Vision Insurance
• Wellness Program
• Flexible Spending Accounts (Healthcare, Dependent Care, Commuter)
• Short-Term and Long-Term Disability options
• Basic Life and AD&D Insurance (Company Provided)
• Voluntary Life and AD&D options
• 401(k) Retirement Savings Plan with matching after one year
• Paid Time Off