• Expert contributor to security vision, strategy, planning and leadership for the design, development, implementation and support of technology risk management framework.
• Proactively provides expert knowledge of industry trends and technologies as it relates to specific opportunities where security can enhance value to the business and/or addresses a specific business need.
• Identifies risk opportunities to make IT and business processes more effective and efficient.
• Drive compliance to standards/regulations and governance processes as it relates to the business.
Produce the following outputs:
• LOB risk portfolio. (Production and project based view).
• Business engagement and relationship heat-maps.
• Periodic risk measurement.
• System risk assessments.
• ERM IT Risk Register
• Supply and demand forecast.
• Risk assessment master schedule.
CISSP – required
8+ years of InfoSec work
4+ years of Governance/Risk/Compliance work
Citizen or Green Card