Risk Management Manager
Posted on: October 8, 2019
Neustar, Inc. is a leading global information services provider
driving the connected world forward with trusted, holistic identity
resolution. More information is available at
Job Requisition: R-2812 Risk Management Manager (Open)
Primary Location: STERLING - RT3
Job Description:
Security Risk Manager
Neustar is seeking a Security Risk Manager to join the Risk &
Compliance function. The Risk & Compliance function enhances
business operations by assessing and providing guidance on
strategies, processes and controls to help manage risk, provide
assurance, and ensure compliance.
The Security Risk Manager will assist with communication,
coordination and execution of cyber security risk management
processes and activities from identification through mitigation to
support the risk management program. The role supports providing
assurance to key stakeholders including management, business units,
customers and prospective customers that controls to mitigate risks
are appropriate and effective.
Your Role and Responsibilities
--- Engage with business units to perform and coordinate technical
assessments to identify and analyze cyber security risks.
Assessments to include architecture reviews and analysis of
security testing from vulnerability assessments and penetration
testing. Analyze risks for likelihood and impact. Provide analysis
results and mitigation recommendations.
--- Assist risk owners in the development of mitigation plans.
Track mitigation plans to completion. Validate mitigation through
security testing and supporting evidence.
--- Document assessments and maintain artifacts including interview
notes, documentation reviewed, vulnerability assessments and
penetration testing results analyzed, testing performed, mitigation
validation evidence, etc.
--- Assist business units with establishing and maintaining risk
registers to track identified risks, mitigations and treatment
plans. Perform regular follow up to help ensure risk registers are
maintained and current, mitigations are regularly reviewed for
continued appropriateness and effectiveness, and completed
treatment plans are validated.
--- Advise business units on risk management and mitigation
strategies based on current and evolving threats and trends, and
types of controls from policies and standards to processes and
technologies and other mechanisms to mitigate risk.
--- Participate in responses to information security related
compliance questions from prospective customers in questionnaires,
and existing customers in audit questionnaires.
--- Participate in contract reviews to ensure information security
related requirements are accounted for in established controls, or
to determine if new controls or control changes will be required.
--- Assist with ad-hoc customer information security related
information requests to ensure tracking, prioritization, engagement
of appropriate internal functions/personnel, and timely response to
--- Participate in assessments of Neustar's suppliers for
compliance with information security related requirements in
--- Assist with the management of the enterprise risk register to
include coordination and synchronization with business unit risk
--- Assist with implementation, support and communication of the
risk management program and its processes and activities across the
--- Assist with risk management program reporting, including
metrics development and collection.
--- Be an expert on the organization's risk, technology and
security related governance, policies and standards to ensure risk
management program guidance and recommendations are in
--- Develop and enhance the risk management program through
automation, process improvement, etc.
--- Act as a liaison between the risk, technology and security
functions and the business units to help facilitate risk management
program processes and activities.
--- Stay current on cyber security risks and trends, and risk
management issues and mitigation strategies and methods.
--- 5+ years experience in roles such as security risk assessment,
information security, technical audit and compliance, and risk
--- Experience developing, designing, and performing cyber security
risk assessments in AWS, Microsoft Azure, Google Cloud Platform,
Oracle ERP, Salesforce, Microsoft Office 365, Box or other cloud
--- Experience in a formal second line of defense role is a
--- Experience working with business units to perform risk
management processes and activities.
--- Experience with SOC2, ISO 27001/2, PCI DSS, NIST CSF and 800
series, and similar security standards.
--- Knowledge of and experience with server operating systems,
virtualization, data stores, containers, networking and security
mechanisms such as firewalls, IDS/IPS, IDM, etc.
--- Knowledge of and experience with security tools such as nmap,
Nessus, Nexpose, tcpdump, Burp, Wireshark, Splunk, etc. are a
--- Experience responding to customer security questionnaires and
reviewing and editing security requirements in contracts is a
--- Must think and act like a leader.
--- Must have personal drive, ownership and accountability to meet
deadlines and achieve agreed-upon results.
--- Strong verbal and written communications skills, and
demonstrated experience communicating and interacting with senior
management and customers.
--- Demonstrated ability to prioritize, work independently, and
manage multiple projects concurrently.
--- Must have strong analytical skills and be self-motivated,
self-directed, well-organized, driven, proactive, and have a
positive, can-do attitude.
--- Ability to rapidly learn new technologies and perform
assessments to identify the associated risks.
--- Must be comfortable working in a fast-paced environment with
regularly shifting priorities and handle pressure well.
--- Bachelor's degree in computer science, information security or
Neustar does not accept unsolicited resumes from external firms or
agencies. Neustar will not be responsible for placement fees
associated with unsolicited resumes.
Diversity, inclusion and teamwork are second nature to Neustar; and
these values permeate our entire business structure. Neustar is
committed to creating an environment where a wide spectrum of
opinions and beliefs are actively sought, listened to and
respected. Further, our talented workforce draws from the many
geographic areas and markets in which Neustar operates worldwide,
which represents a distinct competitive advantage. The rich and
varied personal and professional backgrounds of our employees make
Neustar a dynamic and rewarding company at which to build a career.
We invite you to join us.
EOE of Minorities/Females/Vets/Disability
Neustar, Inc. considers all applicants for employment without
regard to race, color, religion, sex, national origin, age,
disability, sexual orientation, or status as a Vietnam-era or
special disabled veteran in accordance with federal law and other
state and local requirements. Neustar, Inc., complies with
applicable state and local laws prohibiting discrimination in
employment and provides reasonable accommodation to qualified
individuals with disabilities in accordance with the Americans with
Disabilities Act (ADA) and applicable state and local laws.
Keywords: NeuStar, Sterling, Risk Management Manager, Executive, Sterling, Virginia