Sr Enterprise Risk Assessment Specialist

Horizon Global Partners

Yesterday
Top Secret
Mid Level Career (5+ yrs experience)
IT - Security

Position Overview

Horizon Global Partners (HgP) is seeking a Senior Enterprise Risk Assessment Specialist to join our growing team. This role is crucial in assessing, managing, and mitigating IT and operational risks across key US governmental clients' global program operations, technology systems, implementing mechanisms, and agency engagements. The ideal candidate will have a strong background in enterprise risk assessment, IT risk management, cybersecurity governance, and compliance frameworks. This position requires the ability to identify strategic and operational risks, analyze their impact, and develop proactive risk mitigation strategies that align with the client's mission and industry best practices.

Key Responsibilities

Enterprise Risk Management (ERM) & IT Risk Assessment
• Lead and execute comprehensive enterprise and IT risk assessments across critical business functions, IT systems, cloud environments, and cybersecurity operations.
• Identify, evaluate, and prioritize strategic, operational, compliance, and technology risks that may impact HgP’s business continuity, federal contracts, and partner engagements.
• Develop and implement a risk assessment framework that aligns with ISO 31000, COSO ERM, and NIST RMF to enhance organizational resilience.
• Provide expert recommendations to executive leadership, IT teams, and project managers to address risk vulnerabilities and improve governance.
• Conduct business impact analyses (BIA) to assess the potential consequences of IT and operational risks, ensuring robust risk response strategies.

IT Security, Compliance & Governance
• Ensure compliance with U.S. federal, defense, and international cybersecurity regulations such as NIST 800-53, ISO 27001, FISMA, CMMC, DFARS, GDPR, and FedRAMP.
• Develop and oversee IT security policies, enterprise risk governance strategies, and control frameworks to mitigate cyber threats and regulatory risks.
• Conduct third-party/vendor risk assessments, ensuring that external service providers and partners adhere to HgP’s cybersecurity and compliance requirements.
• Support internal and external cybersecurity audits, control assessments, and compliance reviews, identifying gaps and remediation actions.
• Collaborate with IT, finance, legal, and operational teams to integrate risk management into enterprise-wide decision-making.

Incident Response & Risk Mitigation
• Lead and support cybersecurity incident response investigations, ensuring that risks are assessed, documented, and mitigated effectively.
• Develop enterprise risk mitigation strategies for IT operations, cloud deployments, business continuity, and data protection initiatives.
• Ensure that critical IT systems, infrastructure, and defense-related projects have the necessary risk controls and contingency plans in place.
• Partner with CISO, CIO, and executive leadership to strengthen the company’s risk posture through continuous monitoring and risk intelligence.

Stakeholder Engagement & Reporting
• Present enterprise risk reports, cybersecurity assessments, and mitigation plans to senior leadership, government agencies, and external auditors.
• Develop executive risk dashboards, key risk indicators (KRIs), and risk treatment plans to enhance strategic decision-making.
• Provide training and guidance to business units on enterprise risk management (ERM) best practices, IT governance, and compliance strategies.

Required Qualifications
• Bachelor’s degree in Information Security, Computer Science, Risk Management, Business Administration, or a related field (Master’s preferred).
• 7+ years of experience in IT risk management, cybersecurity governance, enterprise risk management (ERM), and compliance frameworks.
• Strong expertise in risk assessment methodologies (FAIR, OCTAVE, ISO 27005) and IT security frameworks (NIST 800-53, CIS, COBIT, COSO ERM).
• Experience in developing enterprise-wide risk policies, conducting risk audits, and managing cybersecurity governance programs.
• Hands-on experience with risk management tools, vulnerability scanning platforms, and governance, risk, and compliance (GRC) solutions.
• Knowledge of cloud security best practices (AWS, Azure, Google Cloud), zero trust architecture, and advanced threat intelligence.
• Industry-recognized certifications (CISSP, CISM, CRISC, CISA, or CGEIT) are highly desirable.
 
Preferred Qualifications
• Experience in U.S. government, DoD, or defense contractor risk management programs.
• Knowledge of supply chain risk management (SCRM), business continuity planning (BCP), and vendor risk assessment strategies.
• Understanding of secure software development lifecycle (SDLC), DevSecOps, and emerging cybersecurity technologies.
• Ability to lead cross-functional teams, conduct risk workshops, and implement risk awareness programs across the organization.
 
Why Join HgP?
• Work on high-impact enterprise risk and cybersecurity projects supporting U.S. Defense, federal agencies, and global partner missions.
• Be part of a mission-driven team that is committed to protecting critical IT systems and enhancing global security operations.
• Competitive salary, comprehensive benefits, and career growth opportunities in a fast-growing international company.
• Shape the future of enterprise risk and IT security governance at HgP as we expand our footprint in key markets worldwide.

If you are a strategic thinker, enterprise risk leader, and IT security expert, we encourage you to apply and be part of our dynamic, forward-thinking organization.
Job Category
IT - Security
Clearance Level
Top Secret