Cox Enterprisesposted 2 months ago
$119,600 - $199,400/Yr
Full-time - Manager
Atlanta, GA
Telecommunications
About the position
The Security Risk Lead is responsible for identifying, assessing, and mitigating risks related to the organization's information technology and cybersecurity practices. This role involves developing and implementing cybersecurity risk management strategies, ensuring compliance with relevant regulations, and fostering a culture of risk awareness across the organization.
Responsibilities
- Assist business line leadership with identifying, assessing, controlling, mitigating, and communicating risks associated with business processes and decisions.
- Evaluate the root cause, the corrective action plans, and work with business partners Technology teams to successfully implement and document remediation.
- Support the business in the development of Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs).
- Keep the Business aware of the risk and control environment of the Business through continuous and open communication.
- Prepare and host meetings with Senior Management to present and follow-up on issues, concerns, and corrective action plans.
- Provide oversight and governance to the assigned business unit regarding its control environment including change activities.
- Execute, facilitate and monitor risk governance mechanisms, including but not limited to, Compliance Risk and Control Self-Assessment (C-RCSA), Risk and Control Self-Assessment (RCSA), key risk indicators, policies, risk committees and other elements of the Enterprise Risk Framework.
Requirements
- Bachelor's degree in information technology, cybersecurity, or a related field; Master's degree preferred.
- Minimum of 4 years of experience in cybersecurity and risk management roles.
- Strong understanding of IT security frameworks and regulatory requirements.
- Experience with reporting platform tools (ServiceNow experience preferred), including workflow creation, dashboard creation, and optimization.
- Proven experience in communicating and presenting risk management findings.
- Excellent problem-solving, analytical, and critical thinking skills to effectively respond to shifting priorities, demands and timelines.
- Deep understanding of cyber and Enterprise Risk Management principles and frameworks (e.g., NIST, ISO, COSO, COBIT) with experience.
- Relevant certifications such as Certified Information Systems Security Professional (CISSP) or Certified Risk and Information Systems Control (CRISC) are preferred.
Benefits
- Flexibility to take as much vacation with pay as they deem consistent with their duties.
- Seven paid holidays throughout the calendar year.
- Up to 160 hours of paid wellness annually for their own wellness or that of family members.
- Additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, and parental leave.
- Health care insurance (medical, dental, vision).
- Retirement planning (401(k)).
- Paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO).
