Job Description
The Information Security Risk & Compliance Lead will develop and enhance a technology compliance and risk management program to improve the organization's security. This role involves assessing, reporting, and improving technology risks and compliance globally. You will manage third-party and vendor risk, focusing on offensive security and service provider assessments. Strong decision-making, policy-writing, and team leadership skills are essential.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
• 5+ years as a senior Information Security professional.
• 7+ years managing an enterprise risk register.
• 7+ years developing and reporting InfoSec metrics.
• 7+ years leading offensive security activities (vulnerability scanning, red teaming, penetration testing).
• 7+ years managing policy documentation and improvement (e.g., OneTrust).
• 7+ years implementing and managing data retention policies.
• 7+ years in third-party risk management and cyber risk rating tools.
Nice to Have Skills & Experience
• Bachelor's degree in IT, Computer Science, or related field.
• Professional certifications (e.g., CISM, CRISC) preferred.
• Experience with global security programs (UK and US).
• Knowledge of CIS-18, NIST CSF, ISO 27001, and compliance frameworks.
• Skilled in risk assessments and remediation strategies.
• Independent and effective in fast-paced environments.
• Strong writing skills for policies and reports.
• Excellent collaboration and influencing abilities.
• Proven project management and prioritization skills.
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.