Risk Specialist (Contract to Hire)

Oversee the risk management lifecycle for our global enterprise focusing on identifying assessing and mitigating risks that could affect operations data and reputation. This role requires a strategic thinker who understands both technology and business and can translate complex risks into actionable business language. Collaborate closely with cybersecurity compliance audit and business leaders to drive risk-informed decision-making and strengthen the organizations security posture. Passionate about building structure out of complexity and partnering across teams to enable smart secure decisions.

Key Responsibilities

• Lead and mature our enterprise information risk management program aligning with ISO 27005 NIST RMF and COSO frameworks.
• Identify and assess technology operational and third-party risks across systems applications and cloud environments.
• Work with IT and business units to develop mitigation plans and track progress toward resolution.
• Build and maintain risk dashboards and reports that visualize key risk indicators (KRIs) and emerging trends for leadership and board review.
• Partner with Vulnerability Management Incident Response and Compliance teams to integrate risk awareness into daily operations.
• Support regulatory and audit readiness by ensuring risk activities align with ISO 27001 NIST CSF HIPAA and PCI-DSS standards.
• Provide clear actionable communication translating technical risk into business terms that drive informed decisions.
• Stay current on emerging risks regulations and best practices and continuously evolve the program

Competencies

Planning

Develop work plans establish timelines and set goals for assigned work unit.

Assign resources as needed.

Meet commitments on deadlines.

Communication

Communicate team or group results to management and make appropriate recommendations.

Prepare written and verbal presentations to convey information.

Cost Management

Drive improvement in existing business processes and assist in the identification and implementation of new processes.

Assist in development and is accountable for budget for work unit.

Work within financial objectives set by management.

Business Controls and Policies

Comply with all corporate policies and procedures.

Identify control objectives for designated function and implement cost-effective controls designed to meet those objectives.

Test controls to determine if they are performing as intended.

People Management

Has full HR responsibility for direct reports including making hiring decisions training coordinating work establishing standards reviewing work conducting performance appraisals and providing coaching or counseling.

Qualifications

• Bachelors degree in Cybersecurity Information Technology Computer Science or a related field.
• 4 years of experience in risk management security operations or similar cybersecurity functions.
• Strong understanding ofISO 27005 NIST RMF NIST CSF COSO orFAIRframeworks.
• Experience performingrisk assessments maintaining risk registers and tracking remediation.
• Comfortable influencing leaders and cross-functional teams with data-driven insights.
• Familiarity withGRC platforms(e.g. Archer ServiceNow Risk OneTrust).
• Nice to have certifications likeCRISC CISM CISSP or ISO 27005 Risk Managerare a plus.
• Strong communication skills able to bridge the gap between technical depth and business clarity.