Job Title: Enterprise Risk Manager
This is an outstanding opportunity for a seasoned risk management professional to spearhead a highly visible program within a prominent national organization.
As the lead for enterprise-wide risk, you will be responsible for driving change across procurement, legal, IT, architecture, and cybersecurity teams.
You will work on a diverse portfolio of high-impact projects involving AI/ML, OT/IoT, and national infrastructure initiatives. Your contributions will have a direct impact on GRC leadership, cybersecurity strategy, and regulatory compliance at scale.
Key Highlights:
* Autonomy & Impact: You will be the driving force behind third-party risk management, shaping workflows, assessments, and reporting systems that form a critical part of the organization's cyber maturity journey.
* Complex Environment: Work with a wide range of vendors, developing controls, building automated workflows, reviewing supplier risks, and driving continuous improvement in how we assess and respond to threats.
* Strong Internal Visibility: Your work will directly support GRC leadership, cybersecurity strategy, and regulatory compliance at scale.
* Build Something That Lasts: Shape assessments, reporting systems, and workflows that will last and contribute to the organization's long-term success.
Responsibilities:
* Lead third-party risk assessments, due diligence, and vendor onboarding for critical suppliers.
* Review and assess supplier security documentation (SOC 2, ISO 27001, NIST, PCI DSS, etc.).
* Develop streamlined onboarding workflows and interactive risk profiling tools.
* Conduct technical architecture reviews and evaluate suppliers' use of AI, OT, and IoT technologies.
* Collaborate with procurement, legal, and internal IT teams to integrate risk into contracts and processes.
* Manage risk registers, escalate issues, and provide risk reports and insights to senior stakeholders.
Requirements:
* 3+ years of experience in risk management, cybersecurity, IT risk, or vendor governance.
* Strong grasp of risk frameworks and security standards (ISO 27001, NIST, GDPR, etc.).
* Excellent stakeholder engagement and documentation skills.
* Relevant qualifications (e.g., CISSP, CISM, CRISC, CISA) preferred.
* Strong analytical mindset with a delivery-focused approach.
Benefits:
* 12-Month Fixed-Term Contract.
* Full-time, hybrid working arrangement.
Other Opportunities:
* The chance to make a real impact across the organization.