Information Security Risk Manager

Remote (Barbados)
Finance

WFA Digital Insight

As demand for digital skills continues to soar, with a reported 25% increase in remote cybersecurity jobs in the past year, the need for skilled Information Security Risk Managers has never been more pressing. With the global shift towards remote work, companies are seeking professionals who can navigate the complex landscape of digital risks and develop effective mitigation strategies. This role, based in Barbados, offers a unique opportunity for a seasoned risk manager to bring their expertise to a forward-thinking company. Before applying, candidates should be aware that a strong background in risk management processes and procedures, as well as excellent collaboration skills, are essential for success in this position.

Job Description

About the Role

The Information Security Risk Manager will play a critical role in providing risk management consulting services to project teams, ensuring that all information security policies, standards, and processes are embedded in the designed and delivered solutions. This is a highly collaborative role that requires working closely with various teams, including project teams, third-party vendors, and internal development groups. The ideal candidate will have a strong understanding of risk management processes and procedures, as well as excellent communication and interpersonal skills.

The role will involve participating in project meetings, security reviews, walkthroughs, and risk assessments to identify potential security risks and provide recommendations for mitigation. The successful candidate will be able to review and interpret requirements documentation, architecture diagrams, and solution designs to determine the feasibility of a project and its security risk.

As an Information Security Risk Manager, you will be responsible for assessing business needs against potential risks and providing recommendations to enhance the company's information security landscape. This will involve examining and interpreting requirements documents, architecture diagrams, solution designs, and other written and verbal information to determine if a project, application, infrastructure, or external supplier presents a security risk.

What You Will Do

  • Review and interpret requirements documentation, architecture diagrams, and solution designs to determine the feasibility of a project and its security risk
  • Assess business needs against potential risks and provide recommendations to enhance the company's information security landscape
  • Examine and interpret requirements documents, architecture diagrams, solution designs, and other written and verbal information to determine if a project, application, infrastructure, or external supplier presents a security risk
  • Participate in project meetings, security reviews, walkthroughs, and risk assessments
  • Collaborate with third-party teams and internal development groups to interpret and review results from penetration tests on internet-facing applications
  • Work with the required teams to ensure that code scans are completed for all new or modified code deployments
  • Track issues raised during risk management reviews to completion
  • Ensure that identified issues are logged as deficiencies if mitigation will not be possible prior to project implementation
  • Provide Information Security risk consulting services to projects
  • Develop a risk-based schedule for business-as-usual baseline risk assessments
  • Review contract and third-party arrangements to ensure that information security policies are adhered to

What We Are Looking For

  • At least 5 years of experience in information security risk management
  • Strong understanding of risk management processes and procedures
  • Excellent communication and interpersonal skills
  • Ability to review and interpret requirements documentation, architecture diagrams, and solution designs
  • Experience working with third-party vendors and internal development groups
  • Strong analytical and problem-solving skills
  • Ability to work in a fast-paced environment and prioritize multiple tasks
  • Familiarity with industry-standard risk management frameworks and methodologies

Nice to Have

  • Experience working in a remote team environment
  • Familiarity with cloud-based technologies and platforms
  • Certification in information security or risk management (e.g., CISSP, CRISC)
  • Experience with penetration testing and vulnerability assessment tools

Benefits and Perks

  • Competitive salary and benefits package
  • Opportunity to work with a forward-thinking company
  • Collaborative and dynamic work environment
  • Professional development and growth opportunities
  • Flexible working hours and remote work options
  • Access to cutting-edge technologies and tools
  • Recognition and reward for outstanding performance

How to Stand Out

  • Ensure your resume and cover letter are tailored to the specific requirements of the role, highlighting your experience in information security risk management
  • Prepare to discuss your experience working with third-party vendors and internal development groups, and how you have managed risks in these contexts
  • Familiarize yourself with industry-standard risk management frameworks and methodologies, and be prepared to discuss their application in real-world scenarios
  • Be prepared to provide examples of how you have identified and mitigated security risks in previous roles
  • Consider obtaining certification in information security or risk management to demonstrate your expertise and enhance your application
  • Research the company culture and values, and be prepared to discuss how your skills and experience align with these

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere.