💼 About This Role

You'll support the organization's information security and enterprise risk management programs by facilitating risk identification and compliance activities. You'll partner with business and technology stakeholders to ensure risks are documented and treated in alignment with risk tolerance. This role enables consistent, auditable processes for compliance and third-party risk.

🎯 What You'll Do

• Develop and maintain information security governance policies and standards.
• Lead Business Impact Analysis (BIA) to identify critical processes and recovery objectives.
• Identify and document IT risks across infrastructure, applications, and third parties.
• Lead internal control testing and audit readiness across cloud and on-prem systems.

📋 Requirements

• 8+ years in security, risk, compliance, or GRC-focused roles.
• Bachelor's degree in Cybersecurity, Information Systems, or related field.
• Strong experience with ISO 27001, SOC 2, NIST, or CIS frameworks.
• Experience designing security governance programs.