Cyber Risk Manager (Remote)

Chevy Chase, MD
Aug 14, 2022
Aug 16, 2022
Full Time
The Cybersecurity Risk Management team at GEICO Technology Solutions is seeking an experienced Cyber Risk Manager to join our organization. The Cyber Risk Manager will help to build, continuously improve, and execute the internal cyber risk management functions at GEICO. The ideal candidate will have experience building and delivering internal risk assessments, aggregating risk perspectives, and communicating results to various level stakeholders. The Cyber Risk Manager will be joining a team tasked with providing insight into GEICO's risk posture and providing information to support a culture where risk is a top consideration when making business decisions.

Key Responsibilities

- Build, continuously improve, and execute the internal cyber risk management function
- Respond to audit findings, define and track remediation projects, and ensure ongoing compliance with required standards
- Support periodic risk assessments and identify strategic opportunities to adopt industry-leading security and compliance standards
- Regularly liaise with business development, enterprise architecture, and tech engineering/development teams to ensure compliance requirements are well understood and adhered to in product development and support
- Report results from standard, regulatory, and ad-hoc risk assessments to Information Security management, business owners, and Information System sponsors
- Lead, manage and develop relationships, ensuring enablement and quality in risk assessment execution
- Draft reports and other formal outputs and ensure quality of such deliverables
- Build and contribute to the reputation of the cyber risk management group within the industry
- Review and monitor the organizational security compliance against the NIST CSF and other required frameworks
- Provide key inputs and collaboration with various risk/compliance departments
- Provide subject matter expertise to Contract Managers, Business Unit Managers, and third-party relationship Managers to ensure third party risk management program is in compliance with applicable regulations or policies
- Help develop, maintain and publish up-to-date information security policies, standards and guidelines
- Provide regular reporting on the current status of the information security program

Desired Experience

- Experience building and delivering internal risk assessments, aggregating risk perspectives, and communicating results to various level stakeholders
- Ability to provide guidance and independent effective challenge during functional risk assessments to ensure thorough critical thinking in assessing risks and aligning them with broader Operational and Enterprise Risk assessments
- Ability to develop and maintain reporting of Key Risk Indicator metrics that provide early warning indicators of impending risks
- Experience executing a disciplined Issues Management process by ensuring operational risk issues are reported, escalated if necessary and action plans executed according to procedures
- Bachelor's degree and 5 years of experience in information security or in lieu of a degree 9 years of experience in information security
- Demonstrated working knowledge in computer information security, security engineering, and/or network security

Experience with the Following Technologies

- Intrusion Detection System/Intrusion Prevention System
- Malware Analysis and Protection
- Data Loss Prevention Tools
- Content Filtering Technologies
- SIEM Technologies
- Security Incident Response Management
- Public Key Infrastructure
- Identity and Access Management Technologies
- Application Firewalls
- Two Factor Authentication Technologies
- Vulnerability Scanning
- Penetration Testing
- Encryption Technologies
- Security Frameworks, Standards and Regulations such as ISO 27001, PCI, SANS, NIST, SOX
- Information Security Policy, Standard and Procedure Development, Enhancement, Maintenance
- Information Systems Risk Assessment
- User Authentication, Authorization and Access Control
- Database Security
- Forensics and Investigations
- Firewall Management
- Active Directory

At Least One of the Following Security Certifications

- Associate of ISC2 - Certified Information Systems Security Professional (CISSP)
- Security +, Network + and A+
- GIAC Security Essentials Certification (GSEC)
- GIAC Information Security Expert (GISE)
- GIAC Certified Windows Security Administrator (GCWN)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Intrusion Analyst (GCIA)
- Certified Ethical Hacker (CEH)
- Security Certified Network Professional (SCNP)

Benefits

At GEICO, we make sure you have the support and resources to leverage and develop your skills, secure your financial future, and take care of your health and well-being. GEICO continually seeks to provide a workplace where everyone can be their authentic self. To help achieve this goal, we support associate-led Employee Resource Groups that foster a true sense of community. Through GEICO's competitive benefits offerings and various training and development opportunities, we have you covered with our Total Rewards Program* that includes:

- Premier Medical, Dental and Vision Insurance with no waiting period**
- Paid Vacation, Sick and Parental Leave
- 401(k) Plan with Profit Sharing
- Tuition Reimbursement
- Paid Training and Licensures

*Benefits may be different by location. Benefit eligibility requirements vary and may include length of service.
**Coverage begins with the pay period after hire date. Must enroll in New Hire Benefits within 30 days of the date of hire for coverage to take effect.

GEICO is proud to be an equal opportunity employer. We are committed to cultivating an environment where equal employment opportunities are available to all associates and job applicants regardless of race, color, religious creed, national origin, ancestry, age, gender, pregnancy, sexual orientation, gender identity, marital status, familial status, disability or genetic information, in compliance with applicable federal, state and local law. GEICO celebrates diversity and believes it is critical to our success. As such, we are committed to recruit, develop and retain the most talented individuals to join our team.
