Information Risk & Compliance Manager

Envision Employment Solutions is currently looking for an Information Risk & Compliance Manager for one of our partners, a global leader in the chemical industry field.

Job Summary:

The Information Risk & Compliance Manager is pivotal in developing, implementing, and maintaining a robust information risk management and compliance program, ensuring adherence to regulatory requirements, industry standards, and internal policies. This entails creating structured frameworks for identifying, assessing, and managing information security risks, while also safeguarding the organization's information assets and maintaining data integrity. By staying abreast of evolving regulatory landscapes and industry best practices, the manager establishes a culture of security and compliance, mitigating risks, ensuring regulatory compliance, and safeguarding the organization's reputation and business continuity.

Responsibilities:

• Develop and execute a comprehensive information risk management and compliance strategy aligned with organizational goals and industry best practices.
• Collaborate with the Head of Group Cybersecurity to define and implement risk management frameworks, policies, and procedures across the organization.
• Provide guidance and support to OpCo Cybersecurity Liaison Managers in implementing security mitigation actions and measures at the OpCo level.
• Lead efforts to assess and mitigate information security risks, including conducting risk assessments, threat modeling, and vulnerability assessments.
• Ensure compliance with relevant regulatory requirements, industry standards, and internal policies related to information security and data privacy.
• Manage the development and delivery of information security awareness programs and training initiatives for employees at all levels of the organization.
• Monitor and analyze security incidents and breaches, conduct root cause analysis, and implement corrective actions to enhance security posture.
• Collaborate with cross-functional teams to integrate security controls into business processes and systems development lifecycle.
• Stay abreast of emerging threats, trends, and technologies in information security and compliance, and provide recommendations for continuous improvement.
• Prepare and present reports to senior management and stakeholders on information risk management and compliance activities, including metrics, findings, and recommendations for improvement.

Requirements

• Bachelor’s degree in information security, Computer Science, or a related field.
• Holds professional certifications such as CISSP, CISM, or CRISC.
• Demonstrates at least 10 years of experience in information security and risk management roles.
• Proven track record of developing and implementing information risk management and compliance programs.

• Skills:
• Proficiency in developing and implementing information risk management and compliance programs.
• Strong analytical skills to assess and mitigate complex information security risks.
• Excellent communication and interpersonal abilities for effective collaboration with diverse stakeholders.
• Detail-oriented approach with a focus on maintaining confidentiality and integrity of information assets.
• Adaptability to changing priorities and environments, with the ability to work effectively under pressure.