Information Security Risk Manager

It's an exciting time to join Fisher Investments; we're investing in the future of our firm's technology and information security. Our business is growing internationally, which emphasizes the need to build an unparalleled team that promotes future global growth through strategic solutions and progress. We are important to supporting our firm's diverse businesses, and we are excited to continue solidifying that foundation as we add more experienced technologists to our Technology team. The Opportunity: The Information Security Risk Management position, reporting to the Associate VP of Information Security, will work with Information Security, Technology, Project, and Enterprise Risk Management teams to perform technology risk analysis and recommend controls. You will also develop, recommend, and implement technology risk practices following Fisher Investments Digital Asset risk management goals. The Day-to-Day:Represent Information Security in Enterprise Risk Management technology reviews for Digital Assets, including evaluation of inherent risk, researching vendor practices and controls, recommending new practices and controls, and estimating residual riskContinuously mature Enterprise Risk Management evaluation procedures for Digital AssetsContinuously collaborate with Information Security, Technology, and Data Privacy Subject Matter Experts to determine efficacy of technical and practical Digital Asset controlsResearch new possible technical and practical Digital Asset risk controlsPerform security-focused risk and gap assessments to identify, document and track security risks associated with Cloud and physical IT infrastructure and services, Applications, Information systems, and Vendors/other third partiesIdentify risk levels and associated controls to manage risk levels applying both quantitative and qualitative techniquesTranslate risk management measures from technical to business languageProvide security risk services to business owners and partnersUnderstand and maintain a broad knowledge of methodologies and technologies in the area of risk assessments and controls measuresYour Qualifications:3+ years of experience in Enterprise Risk Management for Digital Assets, including development of risk evaluation processes, control evaluations and recommendations, and vendor research3+ years of experience in Digital Asset audit review experience (including SOC 2 Type II, SOX compliance, PCI compliance, vulnerability reports, retention policies)Knowledge of Information Security and risk standards and frameworks such as NIST 800-53, CIS benchmarks, OWASP, ISO-27001, and COSOExperience assessing risk or implementing controls in a cloud-based enterprise environmentExtensive knowledge of information systems, risk assessment methodologies and security control technologiesAbility to balance risks in ambiguous and complex scenariosTeam-oriented, highly collaborative, experience leading initiativesExperience in GRC platformsCompensation:$100,000 - $140,000 base salary per year in the state of WA. New hires should expect to start at the lower end of the range depending on experience.Eligible for a discretionary bonus based on firm and individual performanceWhy Fisher Investments: We work for a bigger purpose: bettering the investment universe. We take great pride in our inclusive culture, our learning and development framework customized for every employee, and our Great Place to Work Certification. It's the people that make the Fisher purpose possible, and we invest in them by offering exceptional benefits like:100% paid medical, dental and vision premiums for you and your qualifying dependentsA 50% 401(k) match, up to the IRS maximum20 days of PTO, plus 10 paid holidays Family Support programs including 8 week Paid Primary Caregiver Leave, fertility, family forming, and hormonal health assistance and back-up child, adult, and elder care$10,000 fertility, hormonal health and family-forming benefitOpportunity to participate in our hybrid work from home program. This program is subject to change. Based on tenure and performance eligibility, you will have the opportunity to work from home up to 75 days per yearFISHER INVESTMENTS IS AN EQUAL OPPORTUNITY EMPLOYER