Information Security Risk Manager

$5/hr Starting at $25

* Develop and review policies, procedures and controls to assure compliance with applicable regulatory and legal
* Develop and manage an information security risk management program including development, evaluation, and adherence to multiple areas of practice
* Develop a risk strategy that identifies and classifies risks, defines appropriate tolerances, prioritizes mitigation activities, and measures risk levels
* Establish and oversee formal risk analysis and self-assessments program for various information services, systems and processes
* Identify, assess, manage, and track remediation of risks related to IT infrastructure, applications, platforms and suppliers and drive explicit requirements and timelines in all environments
* Oversee highest risk initiatives and serve as a point of escalation for remediation/mitigation efforts
* Develop security compliance strategy and approach and ensure compliance with ISO27001, GDPR, local privacy laws, contractual requirements and globally-recognized standards and guidelines
* Establish and oversee formal vulnerability management, penetration testing and security posture assessment programs
* Identify regulatory, legislative, and industry specific compliance requirements and define controls that can be used to meet those requirements
* Oversee third party assessment standards and privileged user monitoring as a check on critical system access
* Build out and maintain current GRC tools and processes within information security to provide visibility and transparency

About

$5/hr Ongoing

Skills & Expertise

* Agile Application Development
* Analytics
* CISSP Compliance Consulting
* Cyber Defense
* ISO 27001
* IT Audit
* IT Project Management
* IT Security
* ITIL
* Management
* Monitoring
* Privacy Policy
* Quality Assurance and Testing
* Security Consulting
* Strategy Development

0 Reviews

This Freelancer has not received any feedback.