Information Security Risk Manager
Company: Fisher Investments
Location: Portland
Posted on: November 13, 2024
Job Description:
It's an exciting time to join Fisher Investments; we're
investing in the future of our firm's technology and information
security. Our business is growing internationally, which emphasizes
the need to build an unparalleled team that promotes future global
growth through strategic solutions and progress. We are important
to supporting our firm's diverse businesses, and we are excited to
continue solidifying that foundation as we add more experienced
technologists to our Technology team. -- The Opportunity: -- The
Information Security Risk Management position, reporting to the
Associate VP of Information Security, will work with Information
Security, Technology, Project, and Enterprise Risk Management teams
to perform technology risk analysis and recommend controls. You
will also develop, recommend, and implement technology risk
practices following Fisher Investments Digital Asset risk
management goals. -- The Day-to-Day:
- Represent Information Security in Enterprise Risk Management
technology reviews for Digital Assets, including evaluation of
inherent risk, researching vendor practices and controls,
recommending new practices and controls, and estimating residual
risk
- Continuously mature Enterprise Risk Management evaluation
procedures for Digital Assets
- Continuously collaborate with Information Security, Technology,
and Data Privacy Subject Matter Experts to determine efficacy of
technical and practical Digital Asset controls
- Research new possible technical and practical Digital Asset
risk controls
- Perform security-focused risk and gap assessments to identify,
document and track security risks associated with Cloud and
physical IT infrastructure and services, Applications, Information
systems, and Vendors/other third parties
- Identify risk levels and associated controls to manage risk
levels applying both quantitative and qualitative techniques
- Translate risk management measures from technical to business
language
- Provide security risk services to business owners and
partners
- Understand and maintain a broad knowledge of methodologies and
technologies in the area of risk assessments and controls measures
Your Qualifications:
- 3+ years of experience in Enterprise Risk Management for
Digital Assets, including development of risk evaluation processes,
control evaluations and recommendations, and vendor research
- 3+ years of experience in Digital Asset audit review experience
(including SOC 2 Type II, SOX compliance, PCI compliance,
vulnerability reports, retention policies)
- Knowledge of Information Security and risk standards and
frameworks such as NIST 800-53, CIS benchmarks, OWASP, ISO-27001,
and COSO
- Experience assessing risk or implementing controls in a
cloud-based enterprise environment
- Extensive knowledge of information systems, risk assessment
methodologies and security control technologies
- Ability to balance risks in ambiguous and complex
scenarios
- Team-oriented, highly collaborative, experience leading
initiatives
- Experience in GRC platforms Compensation:
- $100,000 - $140,000 base salary per year in the state of WA.
New hires should expect to start at the lower end of the range
depending on experience.
- Eligible for a discretionary bonus based on firm and individual
performance Why Fisher Investments: -- We work for a bigger
purpose: bettering the investment universe. We take great pride in
our inclusive culture, our learning and development framework
customized for every employee, and our Great Place to Work
Certification. It's the people that make the Fisher purpose
possible, and we invest in them by offering exceptional benefits
like:
- 100% paid medical, dental and vision premiums for you and your
qualifying dependents
- A 50% 401(k) match, up to the IRS maximum
- 20 days of PTO, plus 10 paid holidays--
- Family Support programs including 8 week Paid Primary Caregiver
Leave, fertility, family forming, and hormonal health assistance
and back-up child, adult, and elder care
- $10,000 fertility, hormonal health and family-forming
benefit
- Opportunity to participate in our hybrid work from home
program. This program is subject to change. Based on tenure and
performance eligibility, you will have the opportunity to work from
home up to 75-- days per year FISHER INVESTMENTS IS AN EQUAL
OPPORTUNITY EMPLOYER
Keywords: Fisher Investments, Beaver Creek , Information Security Risk Manager, Executive , Portland, Oregon
Didn't find what you're looking for? Search again!
Loading more jobs...