AMVETS Jobs

Job Information

AlixPartners Information Security Governance, Risk, Compliance in Detroit, Michigan

At AlixPartners, we solve the most complex and critical challenges by moving quickly from analysis to action when it really matters; creating value that has a lasting impact on companies, their people, and the communities they serve. By understanding, respecting, and honoring the needs of our employees, clients, and communities, AlixPartners actively promotes an inclusive environment. We strongly believe in the value that diversity brings to our experiences and are committed to the perpetual enhancement of initiatives, policies, and practices. We hold ourselves accountable by providing the space for authenticity, growth, and equity for everyone.

AlixPartners has embraced a hybrid work model to provide flexibility and support our employees' work-life integration. Our hybrid model combines in-person work at an AlixPartners office (Tuesday, Wednesday, & Thursday) with remote working options for Monday and Friday.

What you'll do:

As a member of the Information Security team, the IS GRC Lead will lead the design and operations of the Information Security risk management program. The IS GRC Lead will provide technical expertise by identifying new and emerging threats for inclusion in the risk register, analyzing risk, and managing the platform(s) used to conduct and report on the results of risk assessments. This person will consult and interface with IT senior leadership, IT staff, and non-IT departments to conduct risk analysis and to make recommendations on how to reduce overall risk.

The Information Security Governance, Risk, & Compliance Lead is a full-time position located in Southfield, MI, Chicago, IL, or Dallas, TX reporting to the Information Security Governance, Risk, & Compliance Director. Paid relocation is not available.

Security Risk Management

- Create and maintain a 3-year strategic roadmap to continue to mature the Risk Management program
- Conduct an annual Risk Management maturity assessment
- Lead IT senior leadership in the completion of the annual risk assessment required to support client and compliance audits and periodic risk assessments as determined
- Manage the review and analysis of risk register in ServiceNow
- Identify threats and business activities that introduce risk to the company
- Conduct quantitative and qualitative risk assessments
- Produce reports and metrics that support the analysis from the risk assessment and be able to articulate the findings to both technical and non-technical audiences and collaborate with risk owners on risk treatment strategies
- Manage and oversee the vendor risk management processes
- Manage and ensure security assessments are conducted to reduce risk for various projects within the organization
- Manage the review of issues and policy exceptions to ensure risk is being managed appropriately
- Author and update policies, standards, and procedures that are related to security risk management
- Lead cross training activities with IS GRC team to ensure backup support is available

Security Team

- Stay current on security industry trends, new threats and attack techniques, mitigation techniques, and emerging security technologies
- Keep abreast of the latest information security and privacy laws and regulations; ensure compliance both with internal security policies and applicable laws and regulations
- Measure and report metrics to IS GRC Director and CISO
- Improve security efficiency, streamline, and automate work processes while working collaboratively with other team members and IT staff to accomplish objectives
- Participate, as needed, in critical incidents and implementation reviews
- Additional responsibilities as identified.

This description is not designed to encompass a comprehensive listing of required activities, duties, or responsibilities

What you'll need:

- Bachelor's degree in Information Technology or related field recommended; relevant experience may be cons
