Mgr Information Security Risk
Frisco, TX

Job Description

The Information Security Risk Assessment Manager is responsible for the oversight and management of the information security risk program that measures and monitors the effectiveness of controls across the organization. The position utilizes strong policy, process, and system knowledge and will participate in a number of company-wide programs to help drive consistent and effective risk-based approaches to MoneyGram. This position will also involve interaction with numerous departments and business functions, as well as external parties.

Primary Responsibilities

* Implements a robust Risk Assessment program within MoneyGram to include assessment of risk, identifying acceptable levels of residual risk, and recommending appropriate remediation measures for internal systems, applications, processes, and third parties.
* Implements, maintains and supports robust controls and risk management programs to ensure domestic and international regulatory compliance.
* Provides a method for ongoing reporting on the level of security risk within the organization.
* Benchmarks risk management practices; maintains up-to-date understanding of industry best practices, monitors legal and regulatory environment for developments that could require changes to established risk compliance.
* Creates, disseminates and (as required), updates documentation of risks and controls; ensures defined processes and standards are maintained.
* Develops and implements programs to identify and manage risk within the organization and within third parties.
* Provides leadership and direction to the risk management team.
* Continually monitors the status of implementing recommended controls to mitigate risk and provides status reports on a periodic basis.
* Remains current on new security regulations, technologies/processes.
* Participates in a local security risk management users group.
* Attends training and conferences to stay current and broaden knowledge.
* Performs other duties as assigned.

Any combination of relevant education and experience and/or related professional designations/certifications in this field is highly desirable.

Education

* Minimum Required: Bachelor's degree or equivalent work experience

Experience

* 5-7 years of Information Security experience in a distributed computing environment to include in-depth knowledge of applications and system.
* 5 years' experience in conducting corporate-wide risk assessments and providing recommendations to mitigate risks.
* 5 years' experience in implementing and managing regulatory compliance programs
* Cloud security, risk management and governance experience preferred

Essential Skills

* Proven leadership and program development skills.
* Strong analytical and problem-solving skills.
* Ability to adapt to potentially ever-changing situations and ability to work well under pressure.
* Superior knowledge of policy, standards and procedure documentation, and policy maintenance.
* Ability to present self in a confident and professional manner.
* Ability to deal with all levels of individuals, internal and external.
* Excellent communication skills, both written and verbal.
* Excellent customer service skills.

#LI-NS1