CliftonLarsonAllen LLP
Security GRC Manager
CliftonLarsonAllen LLP, Minneapolis, Minnesota, United States, 55400
CLA is a top 10 national professional services firm where our purpose is to
create opportunities
every day, for our clients, our people, and our communities through industry-focused wealth advisory, digital, audit, tax, consulting, and outsourcing services. Even with more than 8,500 people, 130 U.S. locations, and a global reach, we promise to know you and help you.CLA is dedicated to building a culture that invites different beliefs and perspectives to the table, so we can truly know and help our clients, communities, and each other.CLA is looking to hire a
Security GRC Manager
to join our growing Enterprise Information Security team. You will lead our efforts to mature CLA’s risk management program, processes, and strategy. The ideal candidate will have experience in facilitating risk management through various risk identification and mitigation strategies, leading GRC professionals, maximizing team productivity, and a passion for continual professional growth.How you’ll
create opportunities
in this
Security GRC Manager
role:Lead and manage a team of GRC professionals to maximize the team’s potential and to provide best of class risk management services to CLA employees and clients.Manage the IT Risk Management Program, including IT Risk Assessments, Vendor Risk Assessments, Risk Register, IT Security Policies, and Client Security Inquiry Responses.Lead the IT risk lifecycle process from identification, qualification, quantification, reporting, tracking, and remediation.Collaborate with the risk advisory team to develop corrective action plans and drive risk mitigation efforts.Apply various risk assessment strategies to identify risks and drive mitigation efforts to completion by leveraging IT teams.Compile and quantify risks for reporting and communicate results meaningfully to program stakeholders.Document risks thoroughly and concisely to drive effective corrective action plans.Lead CLA IT’s compliance program related to various security and privacy frameworks such as CMMC, NIST CSF, CIS, HIPAA & SOC2.Translate cyber security framework control language to technical requirements.Coordinate the response to third-party security assessments with external parties.Ensure CLA meets our data protection commitments to our Family Members and Clients through effective collaborations with key stakeholders.Prepare and present risk reports to senior management and stakeholders.Stay updated on emerging IT risks, threats, and best practices.What you will need:7 years of experience in governance, risk and compliance, team leadership or management, security frameworks, risk assessment, risk analytics, risk modeling, and/or risk management.3 years of demonstrated ability to manage complex projects or lead GRC operations.2 years of demonstrated ability to lead project or operation teams.1 year of supervisory experience.Bachelor’s degree is required. A combination of relevant experience, education, and training may be accepted in lieu of a degree.CISSP, CISM, or CISA preferred.
#J-18808-Ljbffr
create opportunities
every day, for our clients, our people, and our communities through industry-focused wealth advisory, digital, audit, tax, consulting, and outsourcing services. Even with more than 8,500 people, 130 U.S. locations, and a global reach, we promise to know you and help you.CLA is dedicated to building a culture that invites different beliefs and perspectives to the table, so we can truly know and help our clients, communities, and each other.CLA is looking to hire a
Security GRC Manager
to join our growing Enterprise Information Security team. You will lead our efforts to mature CLA’s risk management program, processes, and strategy. The ideal candidate will have experience in facilitating risk management through various risk identification and mitigation strategies, leading GRC professionals, maximizing team productivity, and a passion for continual professional growth.How you’ll
create opportunities
in this
Security GRC Manager
role:Lead and manage a team of GRC professionals to maximize the team’s potential and to provide best of class risk management services to CLA employees and clients.Manage the IT Risk Management Program, including IT Risk Assessments, Vendor Risk Assessments, Risk Register, IT Security Policies, and Client Security Inquiry Responses.Lead the IT risk lifecycle process from identification, qualification, quantification, reporting, tracking, and remediation.Collaborate with the risk advisory team to develop corrective action plans and drive risk mitigation efforts.Apply various risk assessment strategies to identify risks and drive mitigation efforts to completion by leveraging IT teams.Compile and quantify risks for reporting and communicate results meaningfully to program stakeholders.Document risks thoroughly and concisely to drive effective corrective action plans.Lead CLA IT’s compliance program related to various security and privacy frameworks such as CMMC, NIST CSF, CIS, HIPAA & SOC2.Translate cyber security framework control language to technical requirements.Coordinate the response to third-party security assessments with external parties.Ensure CLA meets our data protection commitments to our Family Members and Clients through effective collaborations with key stakeholders.Prepare and present risk reports to senior management and stakeholders.Stay updated on emerging IT risks, threats, and best practices.What you will need:7 years of experience in governance, risk and compliance, team leadership or management, security frameworks, risk assessment, risk analytics, risk modeling, and/or risk management.3 years of demonstrated ability to manage complex projects or lead GRC operations.2 years of demonstrated ability to lead project or operation teams.1 year of supervisory experience.Bachelor’s degree is required. A combination of relevant experience, education, and training may be accepted in lieu of a degree.CISSP, CISM, or CISA preferred.
#J-18808-Ljbffr