Senior Information Risk Leader
$94.2kHighmark Health
Company: Highmark Health Job Description: Job Summary This job works closely with infrastructure architecture/engineering/operations, compliance, privacy, business teams and other areas necessary to identify risks to the business and drive solutions ranging from education and awareness to the adoption of new/existing policies, standards, processes, controls and technologies. The scope of this position is to proactively test for compliance with security policies and procedures and to recommend potential new approaches. This position is required to comply with all HM Health Solutions Corporate Policies and Information Security Policies, Standards and Procedures. Mentor team members. Essential Responsibilities Lead in conducting information risk assessments as assigned to the team. Request and analyze documentation necessary to perform appropriate assessment and conduct necessary interviews in order to collect and review relevant materials necessary to produce results of the assessment. Clearly and concisely document and communicate risk assessment results with requester, security architects and management, as appropriate. Conduct and formulate appropriate risk scoring, as it relates to threat, vulnerability, likelihood, impact, security controls/countermeasures, etc. Understand and contribute to inventory of risk register tracking, scoring and associated risk statements. Perform follow up activities related to assigned risks, ensuring mitigation activities stay on track. Communicate risk treatment methodology, risk avoidance, risk acceptance, risk transference and risk mitigation to appropriate groups. Take lead role in partnering with multiple projects and initiatives to apply security architecture requirements, develop architecture solutions, integrate security into solution designs, access risks of security gaps, and develop architecture remediation. Take lead role with enGen teams in developing and maintaining appropriate procedural documentation which meets relevant compliance standards, such as Payment Card Industry - Data Security Standards (PCI-DSS), Health Information Trust Alliance (HITRUST), and International Organization for Standardization (ISO) 27001. Prepare and present solution decks to different levels of management and varying technical experience. Lead in assuring compliance to required standards, procedures, guidelines and processes. Other duties as assigned or requested. Required Education Bachelor’s Degree - Information Security, Information Systems, Information Assurance, Computer Science or related field Substitutions At least 10 years' experience in Information Security, Governance, Risk and/or Compliance Preferred Education Master’s Degree – Computer Science, Information Security or related field Experience Minimum: 7 - 10 years' experience in Information Security and/or Information Risk Management and/or Information Technology 5 - 7 years' experience within Information Security Governance, Risk and/or Compliance functions and activities 7 - 10 years’ experience developing, communicating and presenting Information Security and Risk Management concepts to varying audiences Familiarity with technologies such as intrusion Prevention Systems (IPS), firewalls, endpoint protection, web/email filtering, Data Loss Prevention (DLP), digital rights management, encryption, Security Event and Incident Management (SEIM), and virtualization platforms Preferred: 10 - 15 years' experience in Information Security and/or Information Risk Management and/or Information Technology Experience working within an information security function using the HITRUST Common Security Framework (HITRUST CSF), or the NIST 800-83 cyber security framework Experience supporting SSAE 16 or SOC 2 Security Trust Principle audits IT / Information security risk advisory experience Governance Risk and Compliance (GRC) tool experience such as ARCHER In-depth understanding of network security architecture, network and networking protocols Security industry organization participation / leadership (HITRUST, ISACA, InfraGard, ISC2, ISSA, etc.) Knowledge, Skills & Abilities Knowledge of HITRUST CSF, NIST 800-83 cyber security framework, PCI, HIPAA, HITECH, COBIT, ISO 27001/2, and ITIL 3 Knowledge of NIST Risk Assessment methodology Familiarity with secure SDLC best practices Ability to work within high performance, multi-discipline teams Strong teamwork and inter-personal skills Familiarity with AI governance frameworks (e.g., NIST AI RMF, ISO/IEC 42001) and how they map to enterprise risk management and existing frameworks (NIST CSF, 800-53) Awareness of secure AI adoption practices, including model lifecycle security, data privacy, and third-party AI/vendor risk considerations Understanding of automation opportunities in cyber risk management, including AI-assisted risk analysis, control validation, and metric generation Required Licensure None Preferred Licensure Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Systems Auditor (CISA), Global Information Assurance Certification Security Essentials Certification (GSEC), SANS or similar industry certifications Travel Requirement 0% - 25% Physical, Mental Demands and Working Conditions ( The physical, mental demands and working conditions described here are representative of those that must be met by an employee to successfully perform the essential function of their job. Reasonable accommodations will be made when necessary to enable individuals with disabilities to perform the essential duties of the position, to the extent that they do not cause undue hardship.) Disclaimer The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job. Compliance Requirement This position adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies. As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company’s Handbook of Privacy Policies and Practices and Information Security Policy. Furthermore, it is every employee’s responsibility to comply with the company’s Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements. Pay Range Minimum: $94,200.00 Pay Range Maximum: $151,000.00 Base pay is determined by a variety of factors including a candidate’s qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets. Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law. We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below. For accommodation requests, please contact HR Services Online at View email address on click.appcast.io California Consumer Privacy Act Employees, Contractors, and Applicants Notice Req ID: J281017 #J-18808-Ljbffr Highmark Health
- Rubrik is seeking a Sr. AI Counsel to guide our AI initiatives while managing legal, privacy, and security risk. The role partners with Product, Engineering, Information Security, and other Legal teams to craft terms and controls around AI usage and product integration....SeniorRisk
- Entarian seeks an experienced Information System Security Manager (ISSM) to lead cybersecurity, risk management, and accreditation for critical DoD/federal systems. The role requires strategic oversight of RMF activities and serving as the cybersecurity liaison to ISSOs...SeniorRisk
$100k - $195k
HDR is looking for a Senior Integrated Water Resources Planner/Engineer to join their Water Resources team in Denver, Colorado. This role... ..., requiring extensive technical experience in water supply and risk management. The ideal candidate will have at least 10 years of...SeniorRisk- Cardinal Health, Inc. is seeking a Denver North EHS Advisor to develop and implement EHS solutions aimed at managing risks for employees, facilities, and communities. The candidate will work closely with leadership to ensure compliance with regulations while fostering an...SeniorRisk
- Sorren is seeking an experienced Assurance Engagement Leader to plan, execute, and deliver the firm’s most complex and high-risk engagements, including audits and reviews, across diverse industries in Colorado. You will guide GAAP/GAAS interpretation, manage budgets, and...SeniorRisk
- ...community of technical experts. You will contribute to the innovation of banking in the cloud, partner with teams to architect intelligent risk management products, and ensure engineering excellence. A candidate must have extensive experience in software engineering, cloud...SeniorRiskRemote job
- ...quality care, compliance, and collaborative leadership with the ED and leadership team. Responsibilities include recruiting, payroll, risk management, accounting, safety, and cross‑department teamwork to deliver a rewarding resident experience. #J-18808-Ljbffr Ivy...SeniorRisk
- NUTC - Northwestern University Transportation Center is seeking a Senior Manager of Environmental Programs to oversee compliance and risk management for its railroads. This role involves developing and implementing compliance frameworks, supporting audit processes, and...SeniorRiskRemote job
- First Interstate Bank is seeking a Senior Internal Auditor to support its strategic objectives by evaluating and enhancing the effectiveness of governance, risk management, and internal controls. The role involves conducting audits across all areas of the organization....SeniorRisk
$147k - $170k
Leprino Foods in Denver is seeking a Senior Manager, Cybersecurity, to lead enterprise cybersecurity and reduce risks. This role is pivotal in guiding security strategy and ensuring reliable business operations across the organization. Ideal candidates will have over 8...SeniorRisk$150.03k - $224.25k
...devices, with 5-8 years of experience in pharmaceuticals or medical devices. The candidate will manage design history files, facilitate risk assessments, and support technical documentation. Benefits include comprehensive medical coverage, flexible time off, and a salary...SeniorRiskFlexible hours- Integrated Power Services (IPS) seeks a senior safety leader to shape and drive health, safety, and environmental programs across its Denver facility... ...compliance, and deliver training and audits that reduce risk and protect employees. This role requires strong leadership,...SeniorRiskShift work
- ...with complex needs. This role focuses on managing existing relationships and acquiring new clientele, while ensuring compliance with risk management standards. The ideal candidate should possess over 7 years of commercial banking experience, exemplary client...SeniorRisk
- Pie Insurance is seeking a Senior Underwriter to lead daily underwriting output, mentor team members, and represent underwriting in cross... ...-paced, remote environment. The position emphasizes pricing, risk selection, and strong partner relationships, with opportunities...SeniorRiskRemote job
$100k - $125k
RT Specialty, LLC is looking for a Lead Account Executive (Senior Underwriter) in Denver responsible for managing a profitable portfolio... ...requires strong underwriting skills, broker engagement, and risk evaluation. The ideal candidate will possess extensive experience...SeniorRiskRemote work- Community Banks of Colorado is seeking a Senior Compliance Specialist to enhance its lending compliance program. This role involves training Compliance Specialists, reviewing compliance risk assessments, and assisting in compliance program management. Candidates must have...SeniorRiskWork at office
- Modivcare is seeking an experienced Senior Internal Auditor to join their team in Denver, Colorado. This role entails executing internal audits and advisory services while supporting enterprise risk management. The ideal candidate should have a Bachelor's Degree and at...SeniorRisk
$100k - $150k
Job Description The Senior Information Security Compliance Analyst is a key member of the SRO Compliance & Portfolio Management team, responsible... ...assessments, monitoring compliance efforts, managing risk, and providing expert guidance to stakeholders to ensure the...SeniorRiskWork experience placement- Bally's Corporation seeks a Senior Internal Auditor to identify risk and develop the internal control testing universe, executing the annual audit plan across the company's operations. The role assesses design and operating effectiveness of controls, interfaces with leadership...SeniorRisk
- HelloFresh is looking for a Senior Labor Planning Analyst to maintain capacity for operations and support hiring plans across U.S. distribution... ...labor plans, tracking progress, and assessing operational risks. You will receive a competitive hourly rate, health benefits,...SeniorRiskHourly pay
- Janus Henderson Investors is seeking a Senior Associate Director for Distribution Compliance in the U.S. to lead the review of marketing... ...to build scalable frameworks, embed governance, and drive risk-based guidance. This role requires deep regulatory knowledge and...SeniorRisk
- Fortis Bank, based in Denver/Salt Lake City markets, seeks an Information Security Officer responsible for protecting sensitive data, ensuring regulatory compliance, and minimizing risk in a changing threat landscape. The role requires expertise in banking regulations,...Risk
- ...Candidates must have extensive experience, strong communication skills, and must be US citizens. This position offers the opportunity to travel internationally and requires 9-10 years in information systems operations and IT audits. #J-18808-Ljbffr DBA Web TechnologiesSeniorRisk
$60 - $70 per hour
We are seeking a Senior Auditor to join our Internal Audit team and... ...operational performance, and risk management. This role offers... ..., partner with business leaders, and identify meaningful improvements... ...mental disability, genetic information, veteran status, or any other...SeniorRiskFor contractorsInterim role$138.32k
.... Performs ongoing review of project status, monitors project risks and escalates as appropriate. Manages project change using change... ...mental disability, veteran status, citizenship status, genetic information or any other characteristic protected by applicable law. #J-18...SeniorRiskContract workWork experience placementFor subcontractorLocal area$111.35k - $150.65k
...Release Management Specialist Experienced, Senior or Lead Join to apply for the Change and... ...the system so that during audits all information is correct. You also have strong interpersonal... ...and senior leadership Manage risks and resolves issues that impact release...SeniorRiskFull timeWork experience placementLocal areaImmediate startRelocationVisa sponsorshipWork visaRelocation packageFlexible hoursShift workDay shift$100k - $125k
...The Lead Account Executive serves as a Senior-level Transportation Underwriter responsible... ...evaluates complex transportation risks, develops strong distribution relationships... ...health services, and more. For additional information about Ryan Specialty Total Rewards,...SeniorRiskFull timeWork experience placementRemote work$133.37k - $156.9k
...highly experienced and strategic technology leader to serve as Vice President - Manager of... ..., and vendor management. Security, Risk & Compliance Ensure adherence to enterprise... ...least 10 years of experience within a total Information Technology (IT) environment. Preferred...SeniorRiskTemporary workWork experience placement3 days per week- Leprino Foods Company in Denver is seeking a Senior Risk & Insurance Analyst to enhance our insurance and risk management programs. This... ...evaluating risk, and maintaining compliance while supporting informed business decisions. The ideal candidate will have a Bachelor’s...SeniorRisk
- ...position requires hands-on engineering in RF design and analysis with responsibilities spanning schematic capture, vendor oversight, and leading integration efforts. A commitment to developing risk mitigation strategies is also essential in this role. #J-18808-Ljbffr ViasatSeniorRisk
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Information Risk Leader. Be the first to apply!
- team lead data science Denver, CO
- clinical team leader Denver, CO
- assistant team manager Denver, CO
- quality assurance team leader Denver, CO
- group product manager Denver, CO
- leader Denver, CO
- member team lead Denver, CO
- application team lead Denver, CO
- helpdesk team lead Denver, CO
- disability team leader Denver, CO
