Risk Manager GRC

Job ID:
Detroit, MI
Information Technology, Telecommunications, Array
$110,000.00 per year
Zip Code:
Employment Type:
Full time

Job Description:

Prestigious Enterprise Company is currently seeking a IT Risk Manager. Candidate will lead the planning and execution of information security initiatives for one or more IT functional area across the enterprise related to risk management, mitigation and response, compliance, control assurance, and user awareness. Assist in developing and driving security strategies, policies/standards, ensuring the effectiveness of solutions, and providing security-consultative services to the organization.


Maintain an up-to-date understanding of industry best practices.

Manage the develop, refine, and implement enterprise-wide security policies, procedures and standards to meet compliance responsibilities.

Manage the monitoring compliance with security policies, standards, guidelines and procedures.

Ensure security compliance with legal and regulatory standards. Support service-level agreements (SLAs) to ensure that security controls are managed and maintained.

Lead the development of processes and procedures for the information security governance program, including control document reviews, participant assessment preparation, meeting coordination, assessment finding mediation, assisting control owner with remediation plan development, tracking findings through remediation, progress monitoring, reporting and escalation.

Managing the team in gathering a full understanding of project scope and business requirements.

Analyze business processes and business requirements to determine conformance to security policies and procedures.

Provide security-related guidance on business processes.

Participate in designing secure infrastructure solutions and applications.

Work directly with the customers, third parties and other internal departments and organizations to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual risk.

Conduct business impact analysis to ensure resources are adequately protected with proper security measures.

Analyze security analysis reports for security vulnerabilities and recommends feasible and appropriate options.

Create, disseminate and update documentation of identified information security risks and controls.

Check existing accounts and data access permission requests against documented authorizations.

Assist in the data classification process.

Participate in security investigations and compliance reviews as requested.

Monitor multiple logs across diverse platforms to uncover specific activities as they occur from platform to platform.

Consult with clients on security violations.

Coordinate all IT internal and external assessment components.

Perform security monitoring and reporting, analyze security alerts and escalate security alerts to local support teams.

Provide security support for application- and infrastructure-related projects to ensure that security issues are addressed throughout the project life cycle.

Assist in the development and implementation of information security disaster recovery test plans.

Lead projects to ensure that security issues are addressed throughout the project life cycle.


Bachelor's degree in related field preferred.

5+ years of combined IT and security work experience with management and PM experience

Professional certification in technical security areas preferred.

Knowledge of security issues, techniques and implications across all existing computer platforms required.

Strong analytical, problem solving and consulting skills with knowledge of Information Security and related technologies.

Knowledge of approaches, tools, and techniques for recognizing, anticipating, and resolving problems ability to apply this knowledge to diverse situations.

Accuracy and attention to detail skills.

Ability to work independently, or within a team environment.

Company Info
Request Technology - Craig Johnson