Lead cyber risk assessments and develop mitigation strategies for validated risks.
Guide the development of risk governance frameworks and oversee cyber risk management program-related documentation (methodologies, tools, processes, etc.)
Collaborate with enterprise program teams related to risk themes, lessons learned and other improvement opportunities.
Develop, review and present reports to senior management and stakeholders, effectively communicating the findings and offering strategic insights and actionable recommendations.
Learn IT risk assessment methodologies by staying familiar with industry best practices.
Support policy and procedure development to enhance robust security and compliance.

Bachelor’s Degree in Information Security, Computer Science, Business or similar field
8 years of experience in Compliance frameworks and regulations
Professional certifications such as PCI ISA, CISSP, CISA, CRISC
Must be 18 years of age or older
9 years of experience in Compliance frameworks and regulations (preferred)
Professional certifications such as CISM, CIPP, CDSPE, CCSP, CGEIT (preferred)
Excellent analytical, presentation and project management skills
Strong ability to navigate organizationally across multiple functional areas providing work direction on risk activities and governance processes.
Ability to communicate program criticality and negotiate delivery amidst competing priorities.
Strategic and analytical thinking skills, and the ability to execute in a complex, matrixed organization.
Influential and results-driven professional with strong organizational skills, able to prioritize and multitask effectively under pressure and tight deadlines.

Business Information Security Officer

Key skills