VerSprite Cybersecurity
Security Training • Enterprise Risk Assessments • Vendor Risk • Penetration Testing • Web Application Assessments
Director of Information Risk Management - Remote
December 9
VerSprite Cybersecurity
Security Training • Enterprise Risk Assessments • Vendor Risk • Penetration Testing • Web Application Assessments
Description
• Develop and lead the IRM program to deliver comprehensive risk management services tailored to client needs. • Collaborate with executive leadership to define the strategic direction of the IRM practice. • Drive the adoption of risk-based approaches across client organizations, aligning security initiatives with business objectives. • Oversee the identification, assessment, and prioritization of information security risks. • Develop risk mitigation strategies, including policies, processes, and controls, ensuring compliance with frameworks such as ISO 27001, NIST, or SOC 2. • Advise clients on third-party risk management, business continuity planning, and incident response readiness. • Act as the primary point of contact for client engagements, ensuring exceptional service delivery. • Conduct executive-level presentations to communicate risk findings, recommendations, and remediation plans. • Build and nurture long-term client relationships, identifying opportunities for additional service offerings. • Recruit, mentor, and lead a team of IRM professionals, fostering a culture of excellence and continuous improvement. • Stay abreast of emerging risks, threats, and technologies in the cybersecurity landscape. • Contribute to thought leadership initiatives, including whitepapers, webinars, and industry events.
Requirements
• Bachelor’s degree in Information Security, Risk Management, or a related field (Master’s preferred). • 10+ years of experience in information risk management, including leadership roles. • Strong knowledge of industry standards and frameworks (ISO 27001, NIST, SOC 2, PCI DSS, etc.). • Expertise in conducting risk assessments, gap analyses, and compliance audits. • Experience advising on GRC tools, risk management platforms, or related technologies. • Exceptional communication skills, with the ability to articulate complex risks to non-technical audiences. • Relevant certifications (CISSP, CISM, CRISC, or similar). • Proven experience in consulting or professional services environments. • Familiarity with cloud security, third-party risk management, and incident response.
Benefits
• Opportunities to develop new skills and progress your career; • The freedom and flexibility to handle your role in a way that’s right for you; and • A collaborative environment where everyone works together to create a better working world
Apply Now