Full-Time
Cyber Risk and Compliance Manager
Cloud-based supply chain risk management platform
Senior, Expert
New York, NY, USA
- Bachelor’s degree in Computer Science, Information Security, or related field.
- 5+ years of experience working in Information Security Governance, Risk, and Compliance.
- Understanding and technical knowledge of key Information Security Governance concepts, including but not limited to, security training and awareness, policy management, metrics, and data protection.
- Understanding and technical knowledge of key Risk Management concepts, including but not limited to, security risk management, information security consulting, third party management, software security, and security architecture.
- Demonstrable strong management skills, the ability to develop, mentor and coach others.
- Ability to develop information security governance operating plans consistent with the strategy and vision of the organization.
- Ability to delegate work to team members and provide clear and effective guidance on implementation of processes.
- Strong written and oral executive communication, including up to the C-level.
- Strong technical understanding of enterprise computing solutions including cloud hosting, SaaS models and oversight responsibilities.
- Manage risk assessments, validation testing, compliance reviews, and audits in accordance with NIST standards.
- Maintain and monitor the central repository for audit evidence and risk findings.
- Collaborate with process owners, external auditors, and other stakeholders in reviewing, monitoring, and resolving findings.
- Develop security training and awareness campaign materials and coordinate approval across the organization’s business functions, i.e., HR, Legal, Compliance.
- Manage the policy, standards and policy exceptions management process and coordinate approval and updates with the Information Security Governing body. Involve relevant parties for security risk and compliance issues that span legal, compliance and regulatory requirements.
- Work with other stakeholders to link corporate IT, product, infrastructure, and privacy departments with GRC objectives.
- Assist business units by responding to client inquiries regarding ongoing operational compliance.
- Monitor the effectiveness of the Security Risk Management and Third Party Management functions, including assessing the level and quality of service provided by professional services, including Software Security and Security Controls Assessment services.
- Proactively seek out areas for improvement and offer insightful advice and value-added guidance on process and control enhancements.
Exiger specializes in providing a cloud-based enterprise platform that enhances supply chain visibility and risk management while offering solutions like third-party due diligence and sanctions screening, all underpinned by AI-powered research technology. The company emphasizes a culture of informed decision-making which is supported by its various accolades in AI, RegTech, and Supply Chain innovation. This enables professionals in legal, risk, compliance, and supply chain fields to work efficiently and with a high degree of confidence, making it an ideal workplace for those dedicated to advancing secure and reliable business practices.
Company Stage
Series C
Total Funding
$182M
Headquarters
New York, New York
Founded
2013
6 month growth
↑ 3%
1 year growth
↓ -1%
2 year growth
↑ 19%
Benefits
Retirement and savings plan
Competitive medical, dental, and vision coverage
Continuous learning opportunities
Flexible work environment
Training, education, and advancement reimbursement
Creative career pathing