EVERSANA

Compensation

Full Description

Description: • Manage and mentor a team of risk analysts and security professionals • Develop and maintain a comprehensive Enterprise IS/IT Risk Management framework, including risk assessments, threat modeling, and vulnerability management • Conduct regular risk assessments across the organization, including business impact analyses (BIA) and threat and vulnerability assessments (TVAs) • Oversee the implementation of risk mitigation controls and monitor their effectiveness • Develop and maintain key risk indicators and key performance indicators (KPIs) to track and measure risk levels • Advise senior management on risk-related decisions and provide recommendations for improving the company's overall security posture • Stay abreast of emerging threats and vulnerabilities and advise on appropriate countermeasures • Collaborate with internal and external stakeholders, including IT, legal, compliance, and business units • Ensure compliance with relevant industry regulations and standards • Participate in incident response activities and post-mortem analysis • Develop and deliver presentations and reports to senior management and the Board of Directors Requirements: • Bachelor’s degree in Computer Science, Information Systems, or a related field • 8+ years of experience in information security and risk management roles • Proven experience in developing and implementing enterprise-wide risk management frameworks • Strong understanding of industry best practices, regulatory requirements (e.g., SOX, HIPAA, GDPR), and emerging threats • Experience with risk assessment methodologies, including threat modeling, vulnerability scanning, and penetration testing • Excellent analytical and problem-solving skills • Strong leadership and mentoring skills Benefits: • Health insurance • 401(k) matching • Paid time off • Flexible work arrangements • Professional development opportunities