Go to the profile of Andrew Raynor Technology
Andrew Raynor Technology
Andrew Raynor Technology Group & Technology staffing for New England @AndrewRaynorNH.com

For Immediate Placement — Andrew Raynor Dover New Hampshire

Our Company is currently seeking a qualified Information Security Risk Manager to deliver world-class security solutions supporting multiple HR platforms in our Americas region. Our Company is a market-leading, global, Human Resources services provider offering innovative HR business solutions through HR Technology, HR Outsourcing, and HR Consulting.

Dimension & Scope:

The Regional (Americas) InfoSec Risk Officer will be responsible for managing multiple aspects of IT security controls as they relate to Data Security, SOC1/SOC2 Audits, Client Audits and security Certifications. This position has primary ownership and operational responsibility for the formulation and delivery of information security controls and strategies that enable the Americas Company business to achieve world class benchmarks of customer service and support. The ideal candidate will need to be proficient in applying security controls across all aspects of the infrastructure to include OS, DB, application, network, and endpoint devices as well as develop a working knowledge of NGA’s various IP and Third Party platforms. They will need to be fluent in IT technology, security concepts and risk management in order to communicate effectively and persuasively with external auditors, client auditors, and business/IT operations.

Principal Duties and Responsibilities:

  • Drive the on-going harmonization and stabilization of security controls across multiple HR platforms supporting enterprise and small/medium business
  • Support Security and Risk Management team’s efforts in the areas of International Certification Standards, including ISO 9001, ISO 27001, ISO 22301, etc
  • Interface with external and client auditors as it pertains to the effectiveness of IT security control environment.
  • Act as Client-facing security consultant regarding various aspects of Data Security and other functions managed by SRM
  • Reports to and coordinates with the Chief Security Officer / Chief Information Security Officer in the development and governance of information security policies and standards
  • Performs follow-up to ensure appropriate corrective action has been taken to resolve any identified internal security control weakness.
  • Ensure close liaison with business process groups to ensure new initiatives are developed with full understanding of relevant architecture / infrastructure standards and procedures.
  • Champion any new technologies that would enable more efficient and effective security controls and ensure new technologies are investigated and proposals put forward regarding suitability and benefit.
  • Analyze the effectiveness of standards, policies, procedures and security guidelines for all SRM security activities
  • Performs consultative services and/or forensic investigative assignments, as requested by senior management and/or the company’s Governance Risk Compliance Committee.
  • Collaborate with business leaders with the implementation of Company’s Information Security and Data Privacy Policies and Standards.
  • Collaborate with colleagues across the organization to drive process change in Data Protection and Information Security related disciplines.
  • Advise the business and local teams on the process for handling and reporting Security Incidents that affect PII to include creation, investigation, and resolution via Company incident reporting procedures.
  • Promote security awareness and education within the business by promoting compliance eLearning, encouraging awareness through team discussions and communication activities
  • Liaise with the Security Team and Data Privacy members for advice and guidance to arrive at effective security and privacy solutions

Ideal candidate will have an ability to talk in non-technical terms with senior internal business partners and external clients. They will be an enthusiastic, team player, initiative thinker, very articulate, pragmatic in their approach, flexible, engaging.

For Immediate Placement — Andrew Raynor Dover New Hampshire

contact us about this posting

https://www.pinterest.com/andrewraynornh/

The post Information Risk Manager appeared first on Andrew Raynor Technology Group.

http://www.andrewraynornh.com/developers/information-risk-manager/