Manager, Information Security Risk

Job Title:  Manager, Information Security Risk

Department:  Information Security

Location:  Remote

About Acrisure

Acrisure is a global Fintech leader that combines the best of humans and high tech to offer multiple financial products and services to millions of businesses and individual clients. We connect clients to solutions that help them protect and grow what matters, including Insurance, Reinsurance, Cyber Services, Mortgage Origination and more.

Acrisure employs over 17,000 entrepreneurial colleagues in 21 countries and have grown from $38 million to $4.3 billion in revenue in just over ten years. Our culture is defined by our entrepreneurial spirit and all that comes with it: innovation, client centricity and an indomitable will to win.

Job Summary:

As the Information Security Risk Manager, you will become an integral part of our dynamic Governance, Risk, and Compliance (GRC) team dedicated to safeguarding the organization. Your primary responsibility is to lead the third-party risk assessment program while also providing support in managing SOC2 assessments, conducting policy reviews, and evaluating the impact of regulatory changes. You will guide a talented team focused on securing Acrisure's information in an ever-changing landscape. Moreover, you will benefit from collaborating with and learning from experienced information security experts who are specialists in their respective areas.

Responsibilities:

• Provide leadership and direction for the entire third-party risk assessment program, overseeing risk assessment strategies and ensuring alignment with organizational objectives and priorities.
• Develop and maintain strong relationships with key stakeholders, including senior leadership, business units, legal, compliance, and IT teams, to facilitate smooth third-party risk management processes.
• Stay abreast of relevant regulatory requirements, industry standards, and best practices to ensure the program remains compliant with all applicable laws and regulations.
• Conduct comprehensive third-party risk assessments, analyzing security policies, procedures, controls, and compliance with regulatory requirements. Perform in-depth technical assessments of third-party solutions, evaluating compatibility with our network infrastructure and data handling practices.
• Collaborate and build relationships with different business partners and provide guidance regarding program requirements on the onboarding and management of third parties.
• Assist with the compilation and reconciliation of third-party reporting data for internal reports.
• Drive ongoing enhancements to the third-party risk assessment program, identifying areas for improvement and implementing effective solutions.

This description is not meant to be all-inclusive and may be modified from time to time at the discretion of management.

Requirements:

• A seasoned professional with 5+ years of progressive experience in IT security
• Proven expertise in managing timelines and deliverables effectively.
• Strong leadership skills with the ability to inspire and guide a team of security professionals.
• Excellent communication and interpersonal skills, with the ability to engage effectively with all levels of the organization and external partners.
• Able to work independently and enjoy a high degree of interaction with team members.
• Ability to contribute to a collaborative environment by consistently demonstrating teamwork, high motivation, positive behavior and effort to achieve goals and objectives.
• Self-motivated and driven.

Benefits & Perks:

• Competitive Compensation
• Industry Leading Healthcare
• Savings and Investments
• Charitable Giving Programs
• Offering hybrid work option           
• Opportunities for Growth
• Parental Leave
• Generous time away