Technical IT Risk Manager

TECHEAD

To Apply for this Job Click Here

Always Connecting, Always Evolving.

TECHEAD is seeking qualified applicants for the following Contract position – Technical IT Risk Manager / Remote Virginia – (JOB-20807). If you are looking for a new opportunity and this position looks to be a fit, please apply to see the TECHEAD difference that has made us successful for 30+ years!

You can find more about our team and values by checking us out at TECHEAD.com or on Glassdoor

Job Description:
Technical IT Risk Manager | 20807
Remote
Contract: 1 Year
No C2C Candidates

Responsibilities:

  • Communicate risk policies and processes for the client’s Information Security Program.
  • Provide hands-on development of risk models, risk assessments, security metrics, security documentation, and vendor management.
  • Have excellent quantitative and analytical skills, along with the ability to apply those skills across multiple business processes.
  • Create new policy and update existing policy. Retire policy.
  • Create a POA&M and attach a Policy Exception to Remediate a POA&M
  • Create Citation and Update Citation. Associate a Citation to a Control Objective(s)
  • Generate Assessment and complete Assessment.

Requirements:

  • Designing and implementing an overall risk management process for the organization.
  • Minimum of 5 years of experience:
  • Possess strong IRM platforms experience – Preferably with ServiceNow
  • Dashboard and Reports – Create Dashboards and reports including custom dashboard. Also update existing reports.
  • Performing a risk assessment for each IT application: Analyzing current risks and identifying potential risks that are affecting the organization.
  • Performing a risk evaluation: Evaluating the organizations previous handling of risks, comparing potential risks and associated costs and legal req
  • Create Risk Statement. Review and Approve Risk Statement. Map Risk Statements to Control Objectives. Associate a Risk Statement to an Entity and associate a Risk Statement to an Entity Type
  • Be familiar with NIST 800-53 Controls.
  • Familiar with GRC ArcherParticipating in new project initiation, enhancements, and other assigned projects.
  • Perform accreditation and certification of IT applications.
  • Perform vendor management and security assessments.
  • Establishing the level of risk the organization are willing to accept.
  • Risk reporting tailored to the relevant audience. (Educating the leadership team about the most significant risks to the business; ensuring business
  • Explaining the external risk posed by corporate governance to stakeholders.
  • Conducting policy and compliance audits, which will include liaising with internal and external auditors.
  • Maintaining records of security documentation and artifacts for all IT applications.
  • Perform vendor management and security assessments.
  • Review Interoperability agreements, data sharing agreements, and/or Memorandum of Understandings for new or existing applications.
  • Reviewing any new major contracts or internal business proposals.
  • Building risk awareness amongst staff by providing support and training within the organization.
  • Provide quarterly updates on risk assessments and audit recommendations/corrective action plans.

Education:

  • Certified Information Systems Security Professional (CISSP),
  • Certified Information Security Manager (CISM),
  • Certified Information Systems Auditor (CIS | Desired | 1 Years | PREFERRED
  • BS or BA degree in a Computer Science or a related technical discipline, five (5) or more years of relative experience or training.

TECHEAD’s mission is to make our on-site associates successful by placing them in the right environment so they can grow and prosper. How we treat and respond to our clients and employees is a reflection of who we are and makes us stand out from the rest. Keeping our business focused on building and maintaining relationships with our employees and clients is the key to our success. We won’t strive for anything less.

TECHEAD provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

For more information on TECHEAD please visit www.techead.com.

No second parties will be accepted.

To Apply for this Job Click Here

  Apply with Google   Apply with Twitter
  Apply with Github   Apply with Linkedin   Apply with Indeed
  Stack Overflow