Job Information
Clifton Larson Allen LLP Security GRC Manager in Minneapolis, Minnesota
CLA is a top 10 national professional services firm where our purpose is to create opportunities every day, for our clients, our people, and our communities through industry-focused wealth advisory, digital, audit, tax, consulting, and outsourcing services. Even with more than 8,500 people, 130 U.S. locations, and a global reach, we promise to know you and help you. CLA is dedicated to building a culture that invites different beliefs and perspectives to the table, so we can truly know and help our clients, communities, and each other.

CLA is looking to hire a Security GRC Manager to join our growing Enterprise Information Security team. As a Manager GRC, and in conjunction with the Director of Enterprise Information Security, you will lead our efforts to mature CLA's risk management program, processes, and strategy. The ideal candidate will have experience in facilitating risk management through various risk identification and mitigation strategies, leading GRC professionals, and maximizing the productivity of a team, and will have a passion for continual professional growth.

How you'll create opportunities in this Security GRC Manager role:
Lead and manage a team of GRC professionals to maximize the team's potential and to provide best of class risk management services to CLA employees and clients.
Manage the IT Risk Management Program, including IT Risk Assessments, Vendor Risk Assessments, Risk Register, IT Security Policies, and Client Security Inquiry Responses.
Lead the IT risk lifecycle process from identification, qualification, quantification, reporting, tracking and remediation.
Lead and collaborate with the risk advisory team to develop corrective action plans and drive risk mitigation efforts.
Apply various risk assessment strategies to identify risks and drive mitigation efforts to completion by successfully leveraging IT teams.
Compile and quantify risks for reporting and communicate results in a meaningful way to program stakeholders.
Document risks thoroughly and concisely to drive effective corrective action plans.
Lead CLA IT's compliance program as related to various security and privacy frameworks such as CMMC, NIST CSF, CIS, HIPAA & SOC2.
Translate cyber security framework control language to technical requirements.
Lead and coordinate the response to third-party security assessments with external parties.
Through effective collaborations with key stakeholders, ensure CLA is meeting our data protection commitments to our Family Members and our Clients.
Prepare and present risk reports to senior management and stakeholders.
Stay updated on emerging IT risks, threats, and best practices.

What you will need:
7 years of experience in governance, risk and compliance, team leadership or management, security frameworks, risk assessment, risk analytics, risk modeling, and/or risk management.
3 years of demonstrated ability to manage complex projects or leading GRC operations.
2 years of demonstrated ability to lead project or operation teams.
1 year of supervisory experience.
Bachelor's degree is required. Combination of relevant experience, education and training may be accepted in lieu of degree.
CISSP, CISM, or CISA preferred.

Our Perks:
Flexible PTO (designed to offer flexible time away for you!)
Up to 12 weeks paid parental leave
Paid Volunteer Time Off
Mental health coverage
Quarterly Wellness stipend
Fertility benefits

Equal Opportunity Employer /AA Employer/Minorities/Women/Protected Veterans/Individuals with Disabilities.
Wellness at CLA
To support our CLA family members, we focus on their physical, financial, social, and emotional well-being and offer comprehensive benefit options that include health, dental, vision, 401k and much more.

CLA is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, disability status, protected veteran status, national origin, or any other characteristic protected by law. EOE/AA Employer/Vets/Disability