Operational Risk Manager

Vienna, Virginia

RED SKY Consulting
Job Title: Operational Risk Manager

Location: Vienna, Virginia; Pensacola, FL; or Winchester, VA (Hybrid; Ideally 3x a week onsite for manager level)

Role Type: Direct Hire

Job Description:


Responsible for overseeing the identification, evaluation, and mitigation of technical risks across the organization's IT systems and infrastructure. Oversees operational Issues management with a strong focus on partnership and collaboration on Information Security and Third-party risk management program. Plays a critical part in ensuring that technology-related risks are adequately managed, compliant with regulatory requirements, and aligned with the organization's overall risk management strategy. Manages professionals and is accountable for the performance and results of a team. Decisions are guided by policies, resources, and business plan. Develop, manage, and guide execution of operational initiatives to achieve tactical objectives.

Responsibilities:
  • Identify and assess technical risks associated with systems, applications, networks, and infrastructure.
  • Serve as Security subject matter expert to support, coach, and mentor junior level team members.
  • Function as a liaison and advisor, on behalf of the Digital business unit, to the Security business unit (Security). Partner and develop strong relationships with key stakeholders and foster collaboration and engagement, ensuring program alignment.
  • Manage Issues and set clear objectives, define scope, ensure alignment with stakeholders, execute a plan of action, and review and address findings in a timely manner.
  • Work with IT teams to analyze emerging technologies and their associated risks.
  • Develop a strong understanding of the technical and administrative controls needed to secure digital applications and the underlying technologies used to build them.
  • Oversees compliance with corporate standards; assists in defining new standards and refines existing standards related to Security, Issues Management and Third-Party risk programs.
  • Develop and implement risk mitigation strategies to reduce the impact of technical risks on the organization.
  • Design and deploy controls, processes, and procedures to manage identified risks.
  • Ensure that technical systems adhere to industry best practices and regulatory standards (e.g., ISO, NIST, GDPR).
  • Develop and maintain technical risk management policies, procedures, and frameworks.
  • Ensure compliance with internal policies and external regulations (e.g., data privacy, cybersecurity laws).
  • Collaborate with legal, compliance, and internal audit teams to ensure alignment on technical risk issues.
  • Lead and coordinate the response to technical incidents and breaches, including root cause analysis and remediation efforts.
  • Collaborate by actively working across business lines to document procedural and technical interdependencies and workflows.
  • Work with cybersecurity teams to address vulnerabilities and improve overall security posture for Digital.
  • Collaborate with and lead cross-functional teams, including IT, operations, compliance, and business units, to communicate risks, provide guidance on mitigation strategies, and document areas for improvement.
  • Present technical risk reports to senior management and board members, highlighting key risk areas and proposed actions.
  • Support and contribute to the Digital Risk and Control Self-Assessment, Third Party Risk Management, and Issues Management programs.
  • Oversee risk assessments for the third-party and vendor management program.
  • Establish processes for continuous monitoring of key technical risks.
  • Produce regular risk reports, dashboards, and metrics to provide visibility into the organization's technical risk landscape.
  • Stay up to date with the latest industry trends, regulations, and best practices to continuously improve the risk management function.
  • Evaluate and manage risks associated with third-party vendors and service providers.
  • Conduct risk assessments and reviews of external partners, ensuring compliance with contractual and regulatory requirements.
  • Provide regular reporting and analytics to senior management and stakeholders.
  • Lead and mentor a team of technical risk analysts or engineers.
  • Provide ongoing training and development opportunities to ensure the team is up to date on the latest risk management practices and technologies.
Qualifications:
  • Extensive hands-on experience conducting risk assessments, vulnerability assessments, and penetration testing to identify areas of risk exposure and improve overall security posture for the Digital Business Unit.
  • Strong understanding of the technical and administrative controls needed to secure digital applications and the underlying technologies used to build them.
  • Advanced communication and presentation skills to lead and collaborate with legal, compliance, and internal audit teams and present technical risk reports to senior management and stakeholders.
  • Hands-on experience with technical Issues management, setting clear objectives; scope definition to align with stakeholders; action plan execution and timely review of findings.
  • Hands-on experience overseeing compliance with corporate standards; defining and refining new and existing Security standards applicable to Digital, Issues Management and Third-Party risk programs.
  • Hands-on experience evaluating and managing risks associated with third-party vendors and service providers.
  • Experience ensuring technical systems adhere to industry best practices and regulatory standards (e.g., NIST, ISO).
  • Strong knowledge of information security concepts, and best practices with proven experience with cybersecurity and risk management frameworks such as NIST 800-53, CIS, and ISO 27001.
  • People management experience.
  • Significant issues management and remediation experience.
  • Significant cybersecurity & IT governance experience.
  • Excellent verbal and written communication skills, with the ability to translate technical risks into business language for non-technical stakeholders.
  • Expert analytical/quantitative, reconciliation, and deductive reasoning skills.
  • Effective skill in building strategic and tactical-focused plans and alliances with stakeholders and leaders.
  • Advanced communication and presentation skills; ability to persuade and influence; communicate complex information in an easily understandable manner.
  • Bachelor's degree in Computer Science, Information Technology, Engineering, or related technical field, or the equivalent combination of training, education, and experience.
Desired Qualifications:
  • Master's Degree in related field or equivalent combination of training, education, and experience
  • Certified Information Systems Security Professional (CISSP)
  • Certified Risk and Information Systems Control (CRISC)
  • Certified Information Security Manager (CISM)
THIS IS A GREAT OPPORTUNITY WITH A FIRST-CLASS COMPANY


RED SKY Career Opportunities at: redskyconsulting.co/career-portal


RED SKY Consulting Candidate and Client Referral Program.

2500

Do you know other IT professionals?

Turn those relationships into Money & help friends get work

RED SKY Consulting is offering a fantastic opportunity for you to earn extra money.

If you refer to us a Manager of people or skilled professionals, we will link your name to that person for 18 months.

If we employ or place that individual or place people into that company thru that manager


RED SKY Consulting Company Overview:

We are an IT and Cybersecurity staffing solutions, professional services, management consulting, and executive placement company with thousands of resources across multiple IT and Cybersecurity skill sets. Our primary US locations are Chicago, New York, Los Angeles, Atlanta, Nashville, Tampa and Denver, and we have organizational arms in other domestic cities along with offshore alliances in India and Ireland. RED SKY has a 15+ year history of providing great technology talent. RED SKY has many clients, including 7 of the Fortune 10, half of the Fortune 100, and 25% of the Fortune 500 companies, with the manufacturing, financial services, health care, government, consumer services, insurance, and several other industry verticals represented.

The RED SKY Foundation is being formed and will be providing fully funded college educations to underprivileged young adults in partnership with our clients starting 2022.

Keys: Operational Risk, Third Party Risk Management, Risk Assessments, Vulnerability

Date Posted: 13 April 2025