Risk and Information Security Manager

Fisher Investments - Gresham, OR

posted 13 days ago

Full-time - Mid Level
Remote - Gresham, OR
Securities, Commodity Contracts, and Other Financial Investments and Related Activities

About the position

The Information Security Risk Management position at Fisher Investments is a critical role focused on performing technology risk analysis and recommending controls to support the firm's diverse businesses. This position will work closely with various teams, including Information Security, Technology, and Enterprise Risk Management, to enhance the security posture of Digital Assets and ensure compliance with risk management goals. The role involves evaluating inherent risks, researching vendor practices, and continuously maturing risk evaluation procedures.

Responsibilities

  • Perform technology risk analysis and recommend controls.
  • Develop, recommend, and implement technology risk practices.
  • Represent Information Security in Enterprise Risk Management technology reviews for Digital Assets.
  • Evaluate inherent risk and research vendor practices and controls.
  • Recommend new practices and controls and estimate residual risk.
  • Continuously mature Enterprise Risk Management evaluation procedures for Digital Assets.
  • Collaborate with Subject Matter Experts to determine efficacy of Digital Asset controls.
  • Research new technical and practical Digital Asset risk controls.
  • Perform security-focused risk and gap assessments.
  • Identify risk levels and associated controls to manage risk levels.
  • Translate risk management measures from technical to business language.
  • Provide security risk services to business owners and partners.
  • Maintain knowledge of methodologies and technologies in risk assessments.

Requirements

  • 3+ years of experience in Enterprise Risk Management for Digital Assets.
  • 3+ years of experience in Digital Asset audit review experience.
  • Knowledge of Information Security and risk standards such as NIST 800-53, CIS benchmarks, OWASP, ISO-27001, and COSO.
  • Experience assessing risk or implementing controls in a cloud-based enterprise environment.
  • Extensive knowledge of information systems, risk assessment methodologies, and security control technologies.
  • Ability to balance risks in ambiguous and complex scenarios.
  • Experience in GRC platforms.

Benefits

  • 100% paid medical, dental and vision premiums for you and your qualifying dependents.
  • 20 days of PTO, plus 10 paid holidays.
  • Family Support programs including 8 week Paid Primary Caregiver Leave, fertility, family forming, and hormonal health assistance.
  • Opportunity to participate in a hybrid work from home program, allowing up to 75 days per year based on tenure and performance.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service