Security Risk Management Specialist

The Security Risk Management Specialist is responsible for identifying evaluating and mitigating security risks to the organizations assets personnel and operations. This role requires a proactive approach to analyzing threats developing policies and coordinating incident response strategies. The ideal candidate will have substantial experience in risk assessment security frameworks and compliance regulations with a demonstrated ability to collaborate across departments to ensure comprehensive risk mitigation.

Key Responsibilities

Risk Assessment & Analysis

Conduct comprehensive security risk assessments for corporate facilities information systems and processes.

Identify potential threats vulnerabilities and business impacts.

Develop quantitative and qualitative risk models to prioritize mitigation efforts.

Policy Development & Compliance

Draft implement and maintain security policies and procedures in alignment with industry standards (e.g. ISO 27001 NIST).

Ensure organizational compliance with legal and regulatory requirements related to information and physical security.

Incident Response & Investigation

Lead incident response efforts including investigation remediation and documentation of security incidents.

Coordinate with IT HR Legal and external agencies as necessary.

Vendor & Third-Party Risk Management

Assess and manage security risks associated with third-party vendors contractors and service providers.

Develop security requirements and conduct security reviews during vendor onboarding.

Education & Training

Develop and deliver security awareness training programs for employees.

Promote a culture of security throughout the organization.

Continuous Improvement

Monitor and evaluate emerging threats vulnerabilities and best practices.

Recommend and implement improvements to security controls processes and technologies.

Required Qualifications

Bachelors degree in Security Management Information Security Risk Management or a related field; Masters degree preferred.

Minimum 5 years of relevant experience in security risk management preferably in a corporate or enterprise environment.

Professional certifications (e.g. CISSP CISM CRISC CPP) strongly preferred.

In-depth knowledge of risk assessment methodologies security frameworks and regulatory requirements.

Strong analytical organizational and communication skills.

Ability to handle sensitive and confidential information with discretion.

Compensation

Annual Salary: $110000 $140000 (USD) commensurate with experience and qualifications.

Benefits

Comprehensive Health Dental and Vision Insurance

401(k) Retirement Plan with Company Match

Generous Paid Time Off (PTO) and Paid Holidays

Flexible Work Arrangements (remote/hybrid options)

Professional Development and Certification Reimbursement

Employee Assistance Program (EAP)

Life and Disability Insurance

Wellness Programs and Onsite Fitness Facilities (where applicable)

Commuter Benefits (where applicable)

Tuition Reimbursement

Performance-Based Annual Bonus