Responsibilities

• Lead and mature the organization’s IT Risk Management program, focusing on risk identification, assessment, treatment, monitoring, and reporting.
• Develop and communicate effective workflows and risk processes across departments to improve compliance and operational efficiency.
• Provide expert guidance on IT risk strategies and ensure alignment with legal, regulatory, and industry frameworks.
• Manage GRC services and technology solutions to enhance visibility, scalability, and governance across the IT environment.
• Collaborate with cross-functional teams to ensure security and compliance requirements are integrated into business and technology processes.
• Stay current on cybersecurity trends, threats, and technologies to inform risk strategy and business decisions.
• Partner with senior leadership to influence the strategic direction of IT risk initiatives and support enterprise objectives.
• Promote a risk-aware culture by providing training, tools, and advisory support to business and technical stakeholders.

Qualifications

• Minimum of 10 years of progressive experience in IT risk management, cybersecurity, and/or IT compliance, including leadership roles.
• Bachelor’s degree in Computer Science, Cybersecurity, or a related field; equivalent experience will be considered.
• Proven experience in IT risk profiling, developing risk mitigation plans, and understanding the legal and regulatory implications of IT risk.
• Strong knowledge of IT governance principles, SDLC, program/project management methodologies, and enterprise architecture.
• Demonstrated expertise with risk management and compliance frameworks (e.g., ISO31000, ISO27001, NIST CSF, COSO, PCI DSS).
• Ability to build strong working relationships with executives and influence across all levels of the organization.

Posted By