Information Security Risk Manager Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the information security risk manager job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits each job you apply for

Xavier Cronin
5694 Schmeler Shoals, Phoenix, AZ
Phone: +1 (555) 326 2714
Experience
Information Security Risk Manager
Adams, Jast and Sporer, Dallas, TX
  • Commissioning and rolling out of information security awareness training and conducting regular awareness raising activities
  • Maintaining on-going visibility of Global Businesses key initiatives and helping to prioritise Information Security Risk oversight according to risk
  • Obtaining and collating information around information security risks and remedial action
  • Maintaining on-going visibility of initiatives and prioritise Information Security risk
  • Provide assistance to IT teams in defining and executing action plans to implement controls
  • Manages Information Technology controls monitoring activities such as penetration testing and insider threat analysis
  • Strong documentation and process oriented background with leading and managing complex Technology projects
Senior Information Security Risk Manager
Wuckert-Wisozk, Chicago, IL
  • Sustain and improve the enterprise information security risk management framework, policy, processes, and tools
  • Manage the risk reporting process with the Director of Information Security Program Management and Autodesk’s Chief Information Security Officer (CISO)
  • Manage relationships with security, technology and business stakeholders to identify and communicate security risks and mitigation approaches
  • Develop and implement the next-level down risk management processes (process-level, asset-level, etc.), including embedding risk assessments into existing capabilities (architecture reviews, secure design and development, etc.)
  • Develop and articulate the vision, strategy, and direction of the information security risk program
  • Work proactively with the IT compliance function regarding key information security risk considerations
  • Establish and deliver against the risk program goals, objectives and tactics
Information Security Risk Manager, VP
Kuphal-Olson, Dallas, TX (present)
  • Identify opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk
  • 8+ years with risk advisory and senior management communication, metrics, collaboration to drive risk based results
  • Influence management, business and Technology practitioners equally to achieve risk reductions, reporting, and GRC oversight of the firm's Cyber Assessments
  • Maintain strong working relationships with individuals and groups involved in managing information risks across the organization
  • Perform focused risks assessments of existing or new services and technologies
  • Contribute to the Cyber assessment metrics and GRC reporting to senior management to influence risk based results
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA)
Education
Bachelor’s Degree in Integrity
Florida International University
Skills
  • Knowledge and understanding of Health Insurance Portability and Accountability Act (HIPAA)
  • Good knowledge and understanding of system development lifecycle and its implications on BAU service
  • Critical thinking skills with strong attention to detail and follow up
  • Have excellent relationship management skills and able to influence business and IT stakeholders
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
  • Ability to build and maintain strong working relationships with stakeholders at various levels
  • Ability to learn quickly and apply risk/control considerations, mindful of business process impact
  • Good knowledge of data protection and privacy regulations
  • Strong attention to detail
  • Strong verbal communication - able to communicate complex and technical issues in plain English
15 Information Security Risk Manager resume templates

1

Information Security Risk Manager Switzerland Resume Examples & Samples

  • Assessment and approval of:
      • New business initiatives (NBI)
      • Outsourcing/offshoring initiatives (OBI)
  • Assessment and approval of various concession requests
  • Maintain ORF2 Key Procedure Control Framework for Information Security
  • Support Divisional Information Security Officer UBS CH in implementing Information Security (IS) measures in area of accountability
  • Support the management of IS Policies and Directives
2

Information Security Risk Manager Resume Examples & Samples

  • 1 – CTB responsibilities for delivering a portfolio of information security initiatives globally (the ISRM programme – 10 vendor resources)
  • 2 – Manage a global RTB team (2 in Switzerland, 20 in UBS Krakow, 2 London and part-time resources in APAC and US). This requires a strong focus on RTB control process
  • 3 – Support the IB DISO in all matters related to information security ensuring effective risk management across the organisation establishing the security baseline, managing compliance with this baseline and liaising with other business and IT functions, such as Legal & Compliance
  • Conduct risk assessments, report outcome and support mitigation activities and projects. Develop response recommendations (accept / mitigate) where required
  • Support COO's and business activities as SME for security risk and compliance. Engage Legal & Compliance and maintain view of IS requirements / Regional view – standards to support IS policy
3

Information Security Risk Manager Resume Examples & Samples

  • 6+ years of experience in a combination of Risk Management, Information Security and IT jobs
  • Bachelor's Degree in Business Administration or a Technology-related field, or equivalent work- or education-related experience
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, COBIT and NIST
  • Experience with contract and vendor risk assessments
  • Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment
  • Knowledge and understanding of Health Insurance Portability and Accountability Act (HIPAA)
  • Knowledge of pension systems or pension industry
4

Information Security Risk Manager Resume Examples & Samples

  • Support COO’s and business lines as SME for security risk and compliance especially in the subject areas of logical access control relating to entitlements provisioning, JML management and segregation of duties
  • Manage the IB annual line manager and other asset owner's logical access review and attestation process as well as engage Legal & Compliance to maintain a balanced and regional view of IS requirements as well as manage and support the day to day relationship with offshore DISO and DCA teams
  • Support the ISRM programme activities to implement and maintain a security control baseline for logical access management and other related areas
  • Manage, assess and respond to Audit points and ORI actions on behalf of the IB DISO, developing IB response recommendations (accept / mitigate) for IB DISO approval as well as support relevant Group initiatives ensuring IB requirements / investments are represented at all times
  • Manage and report on IB security-related activities, incidents and events through ownership of the CPRA process on behalf of IB DISO and provide input to the relevant ORF reporting processes as well as determine IB regional security operations requirements relating to logical access controls as well as conduct risk assessments, report outcome and support mitigation activities and projects
5

GBM Information Security Risk Manager Resume Examples & Samples

  • The Global Banking & Markets Information Security Risk (GBM ISR) function is responsible for all aspects of Information Security Risk impacting the Global Businesses across the regions
  • The GBM ISR team mainly operates from the 4 hub locations: UK, France, Hong Kong and USA. The 60+ onshore resources and 100+ Off shore resources (India, China, Malaysia)
  • Undergraduate degree BA/BS, or equivalent business and/or technical experience in a related field
  • Investment Banking and Markets experience/knowledge
  • Extensive experience in Information Security Risk Management
  • Experience in designing, deploying and performing 2LOD assurance review programme
  • Experience in identifying risk, reporting on risk themes, measuring residual risk and evaluating effectiveness of controls in reducing risk
  • Extensive knowledge of compliance, legal, internal / external audit & regulatory / statutory requirements
  • Knowledge of security architectures and industry standard risk analysis approaches (Control Objectives for Information and Related Technology (COBIT), International Organization for Standardization (ISO))
  • Excellent analytical, interpersonal, presentation, written & verbal communication skills
  • Ability to work independently and manage multiple technical and/or non-technical projects
  • Have knowledge of project lifecycle and methodologies
  • Knowledge of Investment Banking systems
  • Confidence working with staff that includes the highest levels of management
  • Excellent facilitation and leadership skills
6

Information Security Risk Manager Resume Examples & Samples

  • This individual will be responsible for the risk management framework for the IHC and implementing the Governance, Risk and Compliance tool to ensure consistent methodologies and a robust program
  • Support the overall planning, implementation and sustainability of the IHC
  • Improve and promote comprehensive system risk-related and information security-related activities
  • Maintain and enforce the system risk management and information security risk management framework/methodology
  • Exhibits and applies best practice risk management skills through effective internal risk controls, risk monitoring, risk assessment and improvement of risk management processes
  • Develop and report key performance and risk indicators to senior and executive management
7

Information Security Risk Manager Resume Examples & Samples

  • 2+ years experience with IT security audits or vulnerability management
  • Practical experience with penetration testing and vulnerability scanning tools
  • Solid understanding of TLS, web threats, and browser security models
  • Knowledge of best practices related to security and disaster recovery
8

Senior Information Security Risk Manager Resume Examples & Samples

  • Develop and articulate the vision, strategy, and direction of the information security risk program
  • Establish and deliver against the risk program goals, objectives and tactics
  • Develop and implement the next-level down risk management processes (process-level, asset-level, etc.), including embedding risk assessments into existing capabilities (architecture reviews, secure design and development, etc.)
  • Enable risk-based strategic planning efforts for security teams across Autodesk, and ensure that risk mitigation strategies are identified, resourced and tracked
  • Manage the risk reporting process with the Director of Information Security Program Management and Autodesk’s Chief Information Security Officer (CISO)
  • Manage vendor security assessment reviews to enable informed decision-making related to third party engagements
  • Manage relationships with security, technology and business stakeholders to identify and communicate security risks and mitigation approaches
  • Coordinate with Autodesk’s ERM function relevant to information security risk and its overlap with product security and data privacy
  • Establish and report relevant metrics and KPIs to communicate status, demonstrate progress and build awareness of information security risk management program performance
  • B.S. degree or equivalent work experience in risk management, business management, information systems or other relevant field
  • 10+ years of combined risk management, risk consulting, and information security work experience
  • 5+ years of experience directly leading and managing a team of risk and / or information security/IT professionals in a matrix organization
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), or equivalent required
  • Strategic thinker; ability to drive the vision and structure of the team in alignment with Autodesk’s and ISRC’s objectives
  • Effective stakeholder management skills; ability to influence and work across all groups, levels and business groups to develop the most effective approach
  • Advanced interpersonal skills to effectively promote ideas, collaborate across teams and influence stakeholders
  • Refined financial management skills to establish and monitor the program budget
  • Experience creating and refining metrics to articulate and measure program performance
  • Effective team leader, manager and coach
  • Previous experience in a high-tech company preferred
9

Information Security Risk Manager Resume Examples & Samples

  • Serving as Information Security Risk Manager assigned to one of Visa's technology organizations
  • Serving as the responsible subject matter expert on IT Risk within that organization, which includes:
      • Providing risk evaluation and assessment of likelihood and impact of security findings, vulnerabilities and exceptions
      • Providing input for plans, roadmaps, and prioritization for projects in order to drive down organizational risks
      • Supporting implementation of Visa's information security program into the technology organization
  • 8+ years of IT or Risk experience in large, highly-regulated organizations
  • Relevant undergraduate degree or equivalent professional experience
  • Relevant graduate degree (computer science, management of information security, etc.)
  • Mainframe, OS390, MVS, Tandem, RACF
10

Information Security Risk Manager Resume Examples & Samples

  • Liaising with Global Heads of the Global Business (GB) to provide updates on information risk and follow up on risk mitigation
  • Maintaining on-going visibility of Global Businesses key initiatives and helping to prioritise Information Security Risk oversight according to risk
  • Maintaining oversight of Information Risks in the GB by reviewing RCAs, MSIIs, Internal Audit findings, BRCM reviews and any other Information Security Risk related KRIs to establish risk themes and provide advice on remediation
  • Manage and maintain close oversight on all Information Security Risk related incidents with a view to provide assurance that risks and impacts have been handled effectively
  • Supporting the Global Business in the RCA process and the use of the ISR Risk and Control Library to ensure relevant information security risks and controls are included in the RCA
  • Catalogue of key initiatives maintained with current status
  • The role will involve extensive liaison with senior management in the relevant Global Business, building and deepening relationships with key stakeholders at all levels, including Global/Regional/Country Heads
  • Collaborating effectively with SMEs from across the ISR function to understand and monitor the position
  • Contribution to Global Business strategy, Operational Effectiveness & Control
  • Information Security Risk position of the GB monitored, documented and regularly reviewed
  • The ISR function and this role are transforming in response to four main drivers:
      • Bank's realignment around Global Businesses and Global Functions
      • Deployment of the Lines of Defence Model
      • Need to become more efficient and standardized
      • Management of Risk (Operational Risk / FIM requirements)
  • The successful Information Security Risk is expected to adhere to all relevant FIM policies and operational risk guidelines as well as maintain the firm's internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators
11

Information Security Risk Manager Resume Examples & Samples

  • Maintaining on-going visibility of initiatives and prioritise Information Security risk
  • Increasing the understanding of information risks by explaining in plain/business terms, help manage risk and recommend mitigations
  • Maintaining Information Risks by reviewing RCAs, MSIIs, Internal Audit findings, BRCM reviews and any other Information Security risks related KPIs to establish risk and provide advice
  • Provide risk opinion and guidance
  • Build stakeholder relations
12

Information Security Risk Manager Resume Examples & Samples

  • Manage CBS information security policies and standards, understand their operational impact to CBS and continually refine policy to ensure effectiveness
  • Identify, document and communicate information security risks associated with the protection of CBS data stored, processed, or transmitted through CBS and 3rd party information systems and applications using standard CBS tools and assessment processes
  • Develop and refine security processes as required to ensure continued effectiveness, in support of a diverse array of business services and IT applications
  • Manage CBS policy exemptions, identify rationale and risks underlying exemption requests, weigh effectiveness of compensating controls, and make decisions around exemption requests
  • Work closely with a wide range of audiences, from fellow IT Risk and security managers, legal and compliance representatives, internal and external auditors, vendors, CBS executives and clients to meet ISG security objectives
  • Influence technical and strategic direction of the Information Security function, especially as it relates to emerging risk management requirements
  • Blend technical Information security and IT risk management background with outstanding business acumen and communication skills in order to understand and convey complex IT security and risk management concepts and solutions to both technical and non-technical audiences, and to provide on-the-fly critical thinking and problem solving skills in high-pressure situations
  • 5+ years of experience in security and/or technology groups, advising on development and execution of information technology solutions and security technologies, particularly in large, decentralized environments
  • Working knowledge or understanding of a wide range of information security controls and technologies e.g., firewalls, VPN, PKI, encryption, intrusion detection systems, vulnerability & risk management tools and methods, penetration testing, malware identification, common Windows (desktop & server) operating systems, UNIX/Linux platforms
  • Experience with applying and supporting common risk management frameworks such as NIST and Critical Security Controls, and familiarity with regulatory control requirements associated with information security and data protection such as ISO 27002, PCI, country and state data privacy and breach laws (US, European, Canadian etc), SSAE-16, SOC1/2 etc
  • Solid experience supporting, or managing one or more of the following: IT risk identification and assessment, control design and implementation, compliance monitoring, vendor risk assessments related to information security requirements, policy development
  • Results focussed - with a strong desire to constantly research and master new concepts, technologies and controls related to information security and apply to ongoing tasks and deliverables
  • Confident in developing presentations and effectively leading meetings and conference calls
  • Be a self-starter, able to work under pressure and with limited supervision, and work well with others in a large and diverse environment
  • Ability to successfully prioritize and manage to completion multiple complex tasks and deliverables, and demonstrate the highest degree of integrity and accountability in all actions
  • One or more of CISSP, GSEC, CISA, CISM, CRISC certifications strongly preferred but equivalent knowledge will be considered
13

Information Security & Risk Manager Resume Examples & Samples

  • The Information Security & Risk Manager (EMEA) serves two roles in the EMEA division – Information Security practitioner working to respond to incidents and identify risks and threats, and Information Security lead supporting the EMEA CIO to assure client satisfaction with C&W security practices and commitments. The individual will be part of the global Information Security & Risk Management team, participating in their activities, operating consistent with the team’s practices and project schedules, and sharing responsibilities for any security-related task that may be required of team members. The individual will coordinate closely with global and local Infrastructure team members and development team members to diagnose and remediate materialized threats and to enhance security practices
  • Reporting to the Head of Security Operations
  • Reporting to the Global Head of Information Security
  • Supporting the local CIO
  • Generally
  • Degree in computer science, engineering or related field
  • Certified Information Systems Security Professional (CISSP) or equivalent
  • 5 or more years experience in IT Risk, Security, and Privacy with extensive experience in ISO 27001
  • Experience collaborating with lines of business and corporate functions on data protection
  • Experience developing and executing presentations to all levels of management and to clients
  • Ability to collaborate with business partners in setting business goals and objectives
  • Exemplary networking and negotiation skills. Strong motivator and team player
  • Strong interpersonal skills and ability to work cross-functionally and across divisions with others
  • Ability to manage and analyze data
  • Experience raising awareness of security throughout an organization
  • Strong teambuilding skills including promoting cooperation and good working relationships among peers and team members, remaining positive and supportive during change, and building rapport and trust with IT Risk stakeholders and other business partners
  • Strong problem solving and program execution skills
  • Experience with IT risk, security, and privacy standards and industry best practice approaches, such as CoBIT, ISO 27005 (Risk), COSO, ITIL, GAPP, etc
14

Information Security Risk Manager Resume Examples & Samples

  • Information Security Policy Management – Coordinates the development and maintenance of corporate Information Security related policies and procedures
  • Risk Assessments – Oversees the development and maintenance of the Bank’s Information Security (GLBA) Risk Assessment in compliance with Regulation H. Works with Information Security management to ensure Information Security policies and procedures appropriately mitigate the identified risks related to regulatory compliance (GLBA, PCI, HIPAA), application and vendor Security Risk Assessments
  • E-Discovery - Provide Legal and investigative assistance for matters requiring the collection, analysis, and/or preservation of electronic data from informational assets working directly with Legal, Internal Audit, Compliance and contractors
  • Security Awareness Training – Oversee the development and execution of training and awareness strategy for annual, monthly and ad-hoc training across all lines of business. Promote Information Risk and security awareness through training, information risk/security awareness days, and other related activities such as annual training, monthly awareness campaigns, ad-hoc training and other awareness activities
  • Manages exceptions process for policies, procedures, standards and technology changes requiring security approval. Plans and implements audits to identify misapplication of corporate security policies, procedures, and standards; surfaces issues, identifies and executes recommended actions for remediation
  • Manage and conduct User Access Certifications with managers and data owners using SailPoint Identity IQ. Report results from standard, regulatory, and ad-hoc risk assessments to Information Security management, business owners, and Information System sponsors. Provide additional metrics as required based on analysis of internal and external trends and threats
  • Monitor Access Management activities to ensure segregation of duties
  • Due Diligence/Consultant - Provides Due Diligence services to business units where requested. Consults, advises and counsels business partners regarding security-related risk
  • Information Security for New/Modified Technology – Consults on the design, integration, and review of new/modified technologies within MB infrastructure or new/modified technologies to be provided by third party service providers from an information security perspective
  • Complies with all applicable federal and state laws and regulations
  • Strong technical knowledge and background
  • Strong understanding and experience in various bank software systems including knowledge of operating and application systems, networks, and data/telecommunications
15

Information Security Risk Manager Resume Examples & Samples

  • Extensive knowledge of risk management concepts
  • Deep technical understanding of security threats, vulnerabilities and controls
  • Understanding of and appreciation for administrative and physical controls, and their application in a global environment
  • Experience with ISO and/or NIST frameworks
  • Must be comfortable communicating with senior business leaders
  • Industry recognized security certification such as CISSP, CISM. CISA Desirable
  • BS/BS in Computer Science Security or related field
  • Experience conducting risk assessments in complex and fast-paced global environments
  • Experience with RSA Archer desirable
16

Global Information Security & Risk Manager Resume Examples & Samples

  • 10+ years of working experience, 7 of those years with Information Security management and/or Quality Management and/or Risk Management
  • Demonstrated leadership skills: >8 years experience in mid-level management positions in a matrix organization
  • Experienced IT manager or Corporate Information (or IT) Security Officer with broad and in-depth technical, analytical, and conceptual skills as well as mature risk management and governance experience
  • Experience in reporting to and communicating with senior management (with and without IT background, with and without in depth risk management background) on information risk topics
  • Excellent understanding and knowledge of general IT infrastructure technology, systems and management processes
  • Proven experience to initiate and manage projects that will affect the NIBR division, departments and functions, as well as the corporate environment
17

Global Information Security & Risk Manager Resume Examples & Samples

  • Systematically support the implementation and monitoring of the Novartis Information Governance Management (IGM) Policy Framework to ensure the integrity, confidentiality and availability of information owned, controlled, and/or processed by NIBR is assured
  • Assist in the formulation and creation of documents and maintain the overall IS&RM strategy for NIBR following the defined Governance Structure
  • Assume responsibility for managing budgeting, accounting and charging requirements
  • Ensure the continued provision and development of skilled and capable people to support IS&RM
  • Considerable experience and expertise in Information Security management, Quality Management and/or Risk Management
  • Demonstrated leadership in mid-level management positions within a complex international matrix organization
  • Experienced IT Manager or Corporate Information/IT Security Officer with broad and in-depth technical, analytical, and conceptual skills as well as mature risk management and governance experience
  • Experience in reporting to and communicating with senior management (with and without IT or risk management background) on information risk topics
  • Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; proven ability to communicate information risk-related concepts to technical and non-technical audiences, and to audiences with a risk management profile as well as those with a less outspoken risk management profile
  • Proven experience to initiate and manage projects that will affect NIBR as well as the corporate environment
  • Business-level/advanced/fluent English
18

Information Security Risk Manager Resume Examples & Samples

  • Establish credibility and maintain strong working relationships with technical and non-technical teams involved with information security matters (Legal, Business Development, Internal Audit, Fraud, Physical Security, Developer Community, Networking, Systems, etc.)
  • Make recommendations to managers and peers on opportunities for risk mitigation based on established risk tolerance
  • Establish innovative metrics and regular reporting mechanisms for measuring employee awareness and understanding of Information Security policy across Amazon
  • Drive continued operational and automation improvements to improve operational efficiency
  • Bachelor’s degree in Management Information Systems, Computer Science or related field
  • Technical understanding of security domains, such as Network Security, Identity and Access Management, etc
  • Strategic thinker with the ability to see/understand the big picture
19

Information Security Risk Manager Resume Examples & Samples

  • Working with stakeholders to identify, assess and treat information risks; tracking the risks and the associated controls
  • Manage, develop, and maintain the risk register, information asset register, and support continuous improvement and maturation of information security risk management processes
  • Provide advisory support to business teams in understanding risk and security considerations of business operations, new projects, and suppliers. Ensure that the security requirements for new and change business projects are defined, based on the assessment of risk within the framework provided by Group Policy
  • Provide assistance to IT teams in defining and executing action plans to implement controls
  • Monitor compliance with the agreed controls on a regular basis
  • Manages and maintains reporting of control / compliance progress
  • Supports implementation of an overall control framework (comprehensive control set) in IT e.g. COBIT
  • Supports internal and external audits to ensure their success
  • Work with the Senior Information Security Manager to define and maintain a practical and comprehensive Risk Assessment methodology, with supporting tools where appropriate
  • Proven information security risk management experience, ideally in both traditional retail and ecommerce
  • Experience in the following areas: Information Security, IT Audit, supplier security assessments, working within a control framework
  • Knowledge of ISO 27000 series of standards, NIST Cybersecurity Framework, CIS Critical Security Controls
  • Knowledge of security related products, Information Security Management Systems and security / risk strategies
  • Strong understanding of security controls used to protect applications and infrastructure technologies including Data Loss Prevention, Advanced Threat Detection and Prevention, Cloud and Mobile Computing
  • Good knowledge and understanding of system development lifecycle and its implications on BAU service
  • High degree of professionalism and personal integrity
  • Excellent documentation skills (process, control, policy, and risk documentation)
  • Proven experience implementing and delivering discipline in controls, in an organised manner
  • Ability to learn quickly and apply risk/control considerations, mindful of business process impact

Information Security Risk Manager Resume Examples & Samples

  • Lead the firm’s Cyber Assessment team of risk analysts in multiple remote locations
  • Provide effective leadership in Information Security and risk management
  • Engage with senior stakeholders across the Business and Technology to influence efficient continuous assessment of Information Security controls
  • Influence management, business and Technology practitioners equally to achieve risk reductions, reporting, and GRC oversight of the firm’s Cyber Assessments
  • Lead the Cyber assessment metrics and GRC reporting to senior management to influence risk based results
  • Oversee and manage documentation of Information Security Policies and Standards
  • An ability to effectively influence others to account for the plans and collaborative behaviors for results
  • BS or MA in Business, Computer Science, Information Security, or a related field
  • 8+ years of work experience as an accomplished Information Technologist practitioner with experience in architecture implementation and engineering
  • 5+ years of experience with documenting, project management, written analysis for Information Security risk assessments
  • 3+ years of experience in an Enterprise Risk Management (ERM) and/or assessing controls within a Technology and/or Financial Services firm
  • 3+ years of experience with information security management frameworks (e.g., ISO 27000, COBIT, NIST 800, etc.)

Information Security Risk Manager Resume Examples & Samples

  • Implement & drive the Supplier Information Security Program to evaluate suppliers’ security practices in order to gauge their security maturity and ability to securely manage the IT assets and data within their purview
  • Education: Bachelor’s degree required (Computer Science, Engineering, Information Security or related degree preferred)
  • 6+ years of technical security, risk/threat analysis and evaluation, control mitigation and gap remediation experience
  • Preferred security certifications (one of): CISSP, CISA, CISM, CRISC
  • Experience in legal contractual language
  • Experience with ISO 27001-2, NIST 800-53, or other controls standards
  • Ability to communicate well in both verbal and written forms
  • Proven leadership ability and strong negotiation skills
  • Ability to prioritize work and demonstrate well developed organization skills

Information Security Risk Manager, VP Resume Examples & Samples

  • Influence the overall direction for securing infrastructure, applications and 3rd parties for the firm
  • Contribute to the Cyber assessment metrics and GRC reporting to senior management to influence risk based results
  • Contribute to documentation of Information Security Policies and Standards
  • An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
  • An understanding of organizational mission, values, and goals and consistent application of this knowledge
  • 8+ years security, especially in an Information Risk Analysis role
  • 8+ years with risk advisory and senior management communication, metrics, collaboration to drive risk based results
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Certified Information Systems Auditor (CISA)

Information Security Risk Manager Resume Examples & Samples

  • Support the development, execution and maintenance of the fully independent Information Security Risk Management program
  • Perform analysis on processes that support security policy requirements in business and corporate units
  • Perform analysis on raw data/metrics to identify trends, emerging risks, or potential systemic issues
  • Update a dashboard for inclusion in the quarterly Report on Operational Risk to SLF’s Operational Risk and Compliance Committee and the Risk Review Committee of the Board
  • Engage stakeholders and SMEs to develop and report on Key Risk Indicators
  • Supporting the ongoing development and maintenance of security risk related policies and directives
  • Perform ongoing 2nd line challenges of the creation, approval and closure of relevant security non-compliance items
  • Perform ongoing 2nd line challenges of relevant Information Security Assessments
  • Perform ongoing 2nd line challenges of security incidents and noteworthy industry developments
  • Strong verbal communication - able to communicate complex and technical issues in plain English
  • Advanced writing skills with emphasis on report writing
  • Strong analytical/problem-solving abilities
  • Information security professional certification, such as the CISSP, CISM, or CISA
  • Understanding of global information security standards and requirements (e.g., regulatory) and industry best practices, including the NIST Cyber Security Framework
  • In-depth understanding of first line of defence information security processes (e.g., risk management, pen testing, vulnerability scanning), controls (e.g., IDS, SIEM, anti-malware, system hardening), and systems at Sun Life is an asset
  • Understanding of or experience with operational risk tools and methodology is an asset
  • Post-secondary education in a Computer Science related program is an asset
  • > 5 years’ experience in Information Security (and/or relevant role reviewing Information Security practices such as Audit) within the financial services industry (within a federally regulated financial institution is an asset)
  • Technical information security risk management knowledge

Information Security Risk Manager Resume Examples & Samples

  • Minimum 7 years of IT security experience
  • Strong people management skills and experience
  • Experience in the insurance and/or financial industries required
  • Demonstrated ability to participate in cross functional teams, including offsite, remote and offshore resources
  • Effective written, verbal communication skills. Ability to tailor communication style to audience at hand
  • Ability to effectively communicate with technical and non-technical resources
  • Self-directed, works with minimal guidance, and recognizes when guidance is needed
  • Demonstrated ability to stay abreast of securing evolving technology such as cloud and mobile computing
  • Experience evaluating and securing payment processing technology
  • Knowledge of PCI DSS, HIPAA, ISO, NIST, and IT Controls
  • Strong understanding of IT security best practices
  • CISSP or CISM, or other industry certification or expected completion of certification within 1 year of hire

Information Security Risk Manager Resume Examples & Samples

  • Develops, implements, and maintains a corporate-wide risk management and employee training program
  • Drafts information security and risk management policies, procedures and technical standards to support corporate objectives
  • Performs and provides guidance for periodic risk assessments of existing application and infrastructure functionality
  • Creates risk assessment deliverables and materials including detailed findings, action plans, and recommendations
  • Defines, develops and provides risk-based metrics to management
  • Participates on internal risk management teams and acts as a liaison to internal and external auditors and governmental regulators
  • Partners with IT process and control owners and advises on various legal and regulatory deliverables, such as process documentation, testing, and remediation for Sarbanes-Oxley and other internal or external audits

Information Security Risk Manager Resume Examples & Samples

  • Carry out information security risk assessments on applications and processes
  • Understand information security capabilities and assess business risk appetite
  • Ensure data classifications are up to date across the investment bank and hence determine whether current levels of protection are appropriate
  • Manage the access management governance process around electronic communication networks for the investment bank
  • Review current status of the Cyber threat to the investment bank, developing our strategy to ensure we are within risk appetite

Information Security Risk Manager Resume Examples & Samples

  • Broad understanding of information security principles and objectives
  • Knowledge of good practice in information security controls
  • Ability to build and maintain strong working relationships with stakeholders at various levels
  • Enthusiastic about information security and the ability to translate this and pass on to others
  • Intellectually curious – keen to learn and understand more around the information security agenda and the impact on the business
  • Identifying information security risks in a large organisation
  • Maintenance of a risk register
  • Designing information security controls
  • Experience of information security awareness training is desirable

BPO-Information Security Risk Manager Resume Examples & Samples

  • Cloud security certifications
  • A high level of integrity and trust
  • Focused personality, with a demonstrated ability to take initiative, successfully handle and prioritize multiple competing assignments and effectively manage deadlines
  • Security certifications desired such as CISA, CISSP, CISM, CRISC etc

Information Security Risk Manager Resume Examples & Samples

  • CISSP/CISM/CRISC or equivalent professional qualification
  • UK Data Protection Law
  • International Data/Privacy Laws
  • Business Planning
  • Functional understanding of technology and appropriate levels of controls to be applied
  • Information Risk Management Practices
  • Information Security Best Practices
  • Business and Commercial Acumen
  • Data Analysis and Modelling
  • Stakeholder Management
  • Financial Analysis
  • Dunnhumby Capabilities and Solutions
  • Support teamwork and create team spirit
  • Build loyal relationships with colleagues and our clients and partners
  • Act quickly on new ideas
  • Set challenging goals
  • Support and motivate
  • Drive delivery excellence
  • Develop and deliver practical solutions to problems
  • Support learning and innovation