Cvent is an exciting, fast-growing tech company that provides industry-leading software to event professionals around the world. Our suite of services – online event registration, venue selection, mobile apps, email marketing, web surveys, and targeted hotel advertising opportunities – has positioned us as a major player in the estimated $565 billion global meetings and events industry.
Cvent’s rapidly growing information security organization is seeking to hire a Lead Enterprise Risk Management to join its Information Security Risk Management and Compliance team. The role will provide guidance, leadership and support for maturing and optimizing information security risk management across Cvent’s expanding global footprint.
What You Will Be Doing
- Provide leadership, innovation, governance, and management necessary to identify, evaluate, mitigate, and monitor the company's operational and strategic risks related to IT Security.
- Develop Enterprise Risk Management processes, methodologies, practices, and policies to identify, analyze, and report enterprise security risks.
- Ensure the organization's information security risk management policies and strategies are in compliance with applicable frameworks like PCI DSS, ISO 27001, SOC2, applicable regulations, rating agency standards, and strategic imperatives of the organization.
- Establish the Enterprise Security Information Risk Management architecture for the company.
- Understand the business domain and workflows, and keep up with the agility of the processes for continuous risk assessments.
- Collaborate with cross-functional teams to identify departmental processes and associated Data Security risks.
- Leverage existing tools and bring on new tools to strengthen the security risk management process and provide enhancements and improved analysis and reporting capabilities.
- Serve as a liaison subject matter expert for the enterprise for evaluating and analyzing reported potential security risks.
- Liaise with project teams to identify risks in their processes, tools, and day-to-day activities.
- Oversee or monitor all operational information security risk management activities of the organization on an ongoing basis.
- Monitor and analyze risks within the company's business units and report on these risks.
- Perform other duties as assigned.