Job: Information Risk Manager in Washington, DC

IMF LogoAnother position for one of the more experienced among us… You get to manage risk and report directly to the CISO of the IMF. Interesting how they are looking for someone with an advanced degree in infosec … with 7 years of experience. Were there advanced degrees in infosec 7 years ago? Anyway … looks like someplace where you can make a difference.

And don’t forget … if you organization is interested in posting their career opportunities here, head on over to our Job Board page for all the details. Well anyway … on to the job post.

Title

Information Risk Manager / IT Security Consultant

Location

Washington, DC

Company Name

International Monetary Fund (IMF)

Job Description

Under the general supervision of the Chief Information Security Officer, the role will require the candidate to provide information risk management and IT security expertise. The expertise will take the form of risk analysis, consultancy, guidance, policies, standards, best practice, incident response, and process improvements. The candidate with be required to work with project teams, service providers, and business units internal and external to the IT function. The candidate is expected to bring pragmatic risk management experience allowing for the Fund to meet its present and emergent business needs but in compliance to Fund’s security polices and standards and within risk appetite.

This individual is expected to advise and influence technology and business personnel regarding the value and methods of safeguarding information, applications, systems, infrastructure, and activities to help ensure that technologies function optimally, work practices are optimized so that the information risks are managed.

Specific responsibilities include:

  • Delivers information security risk assessments (Certification and Accreditation) of projects, new technologies, external service providers, and IT changes. Guides staff and managers on the appropriate risk mitigation strategies.
  • Effectively communicates requirements and trains staff and managers in IT divisions to identify and manage risks throughout the project lifecycle.
  • Communicates and reports on risk metrics to IT management and governance groups.
  • Conducts quality assurance reviews of security requirements and audit recommendations for the implementation of identified solutions.
  • Manages the engagement process of external risk assessment providers and acts as a liaison with internal IT project teams and business units.
  • Supports the Fund’s ISO 27001 certification by promoting self-compliance to policies and standards by IT staff and managers. Keeps abreast of international information security codes of practice such as ISO 27001/27002, information security and privacy regulations and how these measures could affect information assets owned by, or administered on behalf of, the IMF.
  • Assists with the development of the Fund’s enterprise security architecture and standards at the business, information, infrastructure, and application level. Provides subject matter expertise on enterprise security architecture and influences selection of tools and technologies to support the Fund’s security architecture standards.
  • As an advocate of information security, works closely and proactively with IT project team leaders, service providers, and business units to provide security-related technical solutions. Identifies opportunities to improve business practices or IT security-related processes.
  • Analyzes, recommends and implements process improvements within the context of information security.
  • Works closely with IT project teams to develop implementation plans for new security-related products and services.
  • Coordinates the preparation and presentation of user technical support and training materials to ensure the efficient, effective and secure use of information and communications technology.
  • Coordinates and supports the work of security governance.
  • Prioritizes, monitors, and assesses compliance and audit recommendation results to ensure they are comprehensive, robust, and of high quality.

Requirements

  • Advanced degree in Information Security and minimum 7 years experience in regulated industries working as an information risk manager or as an IT security specialist; or
  • Bachelors degree in Information Security and minimum 10 years experience in regulated industries working as an information risk manager or IT security specialist; or
  • Advanced university degree in computer science, engineering, mathematics, business or related field of study plus a minimum of 12 years of relevant experience in regulated industries working as an information risk manager or IT security specialist.

Follow-Up Contact Information

For additional information and to apply, head on over to CSOOnline.com’s recent post.

#####

You can find more career opportunities over on our Job Board. Head on over there for all the details. Today’s post image is from the good folks over at FriendsOfEthiopia.blogspot.com.

5 comments for “Job: Information Risk Manager in Washington, DC

  1. March 8, 2012 at 10:50 pm

    Some bloggy re that risk manager position.. http://t.co/EGx3xc1u

  2. March 8, 2012 at 11:15 pm

    BLOGGED: Job: Information Risk Manager in Washington, DC http://t.co/EGx3xc1u

  3. March 8, 2012 at 11:38 pm

    #NOVABLOGGER: Job: Information Risk Manager in Washington, DC http://t.co/vToTlPvd http://t.co/Inu1SfcI

  4. March 9, 2012 at 10:25 am

    Wanna make a diff .. & report to the CISO of the IMF? Check out our latest job opp for a risk mgr.. http://t.co/vToTlPvd

  5. March 9, 2012 at 1:45 pm

    Blogged: Job: Information Risk Manager in Washington, DC http://t.co/BXqirWfn

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.