Sr. IT Manager (Cyber Risk Management)
Dublin, California
Employer: Insight Global
Industry: Managerial / Professional
Salary: Competitive
Job type: Full-Time
Insight Global is looking for an IT Manager II to support a large retail client in Dublin, CA. This person will play a critical role in facilitating cybersecurity risk management and governance processes for the client's corporate and store practices. This role works closely with the IT Compliance Manager and Secure Project Delivery Manager to help develop, mature, and execute the IT Risk processes, which include governance, risk assessment, risk analysis, risk metrics, risk reporting, technology enablement, maintenance of the risk taxonomy, and organizational integration. This role is also responsible for establishing security policies, standards, and procedures and managing the security awareness program. This role is hybrid and the candidate must be local to the Bay Area, coming onsite to the Dublin office at least 2x/wk.
Key Responsibilities:
Leads the security governance and risk management team performing IT and business risk assessments, vendor risk management, contracts management, security policy and standards management, and security awareness.
Performs management and personnel administration functions associated with Ross' Cybersecurity Governance and Risk Management Department.
Responsible for performing risk assessments to identify current and future security vulnerabilities, determine what level of risk is acceptable to the organization, and determine the best ways to reduce cybersecurity risks to the company's assets, relationships, processes, and functions associated with IT and business risk to this acceptable level.
Establishes and maintains related IT Risk Management metrics and reporting. Collaborates with the IT Compliance Manager, Secure SDLC Manager, Cybersecurity, and IT groups to define, gather, and analyze metrics. Provides targeted reporting to all levels of IT and Business management.
Responsible for establishing information security awareness programs, regularly conducting exercises to educate employees about cybersecurity and best practices.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com .
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .
Required Skills & Experience
Must Haves:
8-10 years of professional experience in running a cybersecurity function, including analyzing and applying cybersecurity risk, risk management, and privacy practices.
At least 5 years of experience working with cross-functional teams.
Proven leadership skills with the ability to oversee projects and manage personnel.
Experience with IT process, risk and control frameworks, such as COBIT, ISO 27001, ITIL, Risk IT.
Experience communicating and presenting both verbally and in writing to various audiences, including committees, large groups, senior management, and executive leadership.
Nice to Have Skills & Experience
Plusses:
CISSP (Certified Information System Security Professional), CISA (Certified Information Systems Auditor) OR CRISC (Certified in Risk and Information System Control) OR CGEIT (Certified in Governance of Enterprise IT).
HUGE plus would be an individual who has Big 4/Consulting experience in the Cyber space.
Retail background in the Cyber space.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.
Created: 2024-10-02
Reference: 383969
Country: United States
State: California
City: Dublin