Sr. Manager Information Risk Management Services

Verizon Communications Boston , MA 02298

Posted 2 months ago

What you'll be doing...

You will be responsible for leading and managing the Information Risk Assessment team of analysts, in support of the enterprise-wide IRM program, which is a key pillar of the broader Verizon Corporate Information Security function. You'll be responsible for leading a team of analysts. You'll ensure that risk assessments are performed in line with the overall Corporate Information Security and IRM strategy, methodology, policy, standards, and management practices, and ensure they are aligned with specific business-driven risk appetites and profiles, throughout the full system lifecycle.

  • Leading the IRM Risk Assessment and Analysis function, setting the vision aligned with the overall Corporate Information Security and Business strategies and priorities in support of business goals.

  • Managing and executing the Verizon IRM Analysis program across the function, coordinating with other security leadership, CIOs and the functional and business security leads, to ensure proper coverage and definition of roles.

  • Developing comprehensive risk mitigation recommendations.

  • Working effectively with the Corporate Information Security leadership, executive team, CIOs and the various business units to facilitate Information security risk assessment and risk management processes.

  • Supporting the delivery of Information Risk Management services and projects within an organizational structure consisting of direct reports, as well as through a matrix operating model.

  • Ensuring hiring, training, staff development, performance management and annual performance reviews are aligned and effectively executed to continue to grow skills and capabilities in accordance with Verizon's strategic needs.

  • Building the necessary internal relationships and communication networks among the broader information security team and line-of-business executives.

  • Supporting the definition and implementation of Information risk management methodologies and security controls in accordance with Verizon policy and control frameworks.

  • Monitoring external developments that may impact overall risk profiles, including emerging threats, technological developments, regulatory changes, etc.

What we're looking for...

You have a sound, working knowledge of qualitative and quantitative Information Risk Management frameworks and related operational risk and business impact risk management. Additionally, you have a solid background in business management, enterprise-grade cybersecurity technologies and IT services and technology delivery operations.

You'll need to have:

  • Bachelor's degree or four or more years of work experience.

  • Six or more years of relevant work experience.

  • Experience working with both qualitative and quantitative Information Risk Management frameworks.

Even better if you have:

  • A degreein Engineering, Information Technology or Computer Science.

  • Experience in building, training, and developing a high-performing team.

  • Knowledge of information risk management, cybersecurity and IT compliance technologies.

  • Knowledge of relevant legal and regulatory requirements.

  • Six or more years of relevant work experience in a combination of risk management, information security and technology.

  • Three or more years of people management.

  • Professional management certification in a related field such as Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials.

  • Written and verbal communication skills.

  • Ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels.

  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.

  • Skills in financial/budget management, scheduling and resource management.
    22CyberNET

When you join Verizon...

You'll have the power to go beyond doing the work that's transforming how people, businesses and things connect with each other. Not only do we provide the fastest and most reliable network for our customers, but we were first to 5G - a quantum leap in connectivity. Our connected solutions are making communities stronger and enabling energy efficiency. Here, you'll have the ability to make an impact and create positive change. Whether you think in code, words, pictures or numbers, join our team of the best and brightest. We offer great pay, amazing benefits and opportunity to learn and grow in every role. Together we'll go far.

Equal Employment Opportunity

We're proud to be an equal opportunity employer- and celebrate our employees' differences,including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Director Information Risk Management

Verizon Communications

Posted 3 days ago

VIEW JOBS 10/17/2019 12:00:00 AM 2020-01-15T00:00 What you'll be doing... The Director, Information Risk Management is responsible for directing and managing the enterprise-wide Information Risk Management (IRM) program as a key pillar of the broader Verizon Corporate Information Security program. The Director, IRM is responsible for execution of strategy, policy, standards, and management practices to ensure that Verizon Information assets are adequately protected with acceptable controls and aligned with specific business-driven risk appetites and profiles, throughout the full system lifecycle. The Director, IRM is responsible for ensuring that system controls are established and maintained in accordance with Verizon policy and legal, regulatory or governance standards and requirements, and that resulting risks are aligned appropriately with the business and effectively managed.This position will report to the Executive Director, Information Risk Management & Cyber Security Strategy. * Lead the risk management functions of the Information security program by setting the vision and establishing direction across the global enterprise to ensure consistent and high-quality information security services are provided in support of business goals * Manage and execute the Verizon IRM program across the entire enterprise, coordinating with other security leadership, CIOs and the functional and business security leads to ensure proper coverage and definition of roles to support Verizon business objectives. * Develop a comprehensive risk mitigation program to ensure that risks throughout the Information Technology and IT Services environment are actively identified, assessed, tracked and resolved; where this is not possible, ensure that risk is reduced to the appropriate levels and ownership of this information security risk is clear * Work effectively with CIOs and business units to facilitate Information security risk assessment and risk management processes, and provide guidance on the level of risk that is present against the desired Verizon risk appetite * Manage the cost-efficient delivery of Information risk and governance services and projects within an organizational structure consisting of direct reports and dotted line reports. This includes ensuring hiring, training, staff development, performance management and annual performance reviews are aligned and effectively executed to continue to grow skills and capabilities in accordance with Verizon's strategic needs * Develop and implement key projects within assigned budgets ensuring program and project management processes and discipline are in place and evolve with changing standards * Define the information security risk management approach and operating model for Information Security in consultation with the CISO, CIOs and stakeholders, and aligned with second- and third-line security and compliance guidance * Build the necessary internal relationships and communication networks among the broader information security team and line-of-business executives, corporate compliance, audit, physical security, legal and HR management teams to ensure continued alignment as required * Ensure Information security controls are defined and implemented in accordance with Verizon policy and control frameworks, and are designed to meet applicable Verizon standards and procedures * Ensure that security is embedded in the project delivery process by implementing the appropriate information security policies, practices and guidelines; where necessary, develop system specific practices and guidelines to ensure the effective delivery of security services * Oversee technology dependencies outside of direct organizational control. This includes reviewing contracts and the creation of alternatives for managing risk * Support the development of an enterprise information security vision and strategy that is aligned to business outcomes, organizational priorities and ensure senior stakeholder buy-in and mandate is secured to deliver on that vision * Monitor the external threat environment for emerging threats, and revise the overall risk profile accordingly, advising relevant stakeholders on recommended courses of action What we're looking for... * 10+ years of experience in a combination of risk management, information security and technology leadership * Bachelor's Degree in Engineering or Information Technology or equivalent experience. Master's Degree in a technical discipline is preferred * A solid working knowledge of both qualitative and quantitative Information Risk Management frameworks * Strategic leader and builder of both vision and bridges, and able to energize the appropriate teams in the organization; proven leadership in advanced information systems combined with broad business acumen, which extends beyond the functional responsibilities of the role * Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists * Must be a critical thinker, with strong problem-solving skills; excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives * Proven track record of building, training, and developing a high-performing team; ability to lead and motivate the organization to achieve tactical and strategic goals in a matrix organization * Sound knowledge of business management and a working knowledge of information risk management, cybersecurity and IT compliance technologies; knowledge and understanding of relevant legal and regulatory requirements * Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic business environment * Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework * Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials * Poise and ability to act calmly and competently in high-pressure, high-stress situations * High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity * Project management skills: financial/budget management, scheduling and resource management * Experience with contract and vendor negotiations When you join Verizon... You'll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America's fastest and most reliable network, we're leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as, video entertainment. Of course, we will offer you great pay and benefits, but we're about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon. Equal Employment Opportunity We're proud to be an equal opportunity employer- and celebrate our employees' differences,including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better. Verizon Communications Boston MA

Sr. Manager Information Risk Management Services

Verizon Communications