Security Risk Management Contractor

Security Risk Management Contractor


Start Date: 
Duration:9-10 Months

Windows Management Experts (WME) is seeking a motivated and experienced Security Risk Management Contractor Role to join one of our client companies. Our client company is an Advisory, Assurance, Tax Firm. You will focus on the meticulous completion of inbound and outbound vendor risk forms.

This role demands a keen eye for parsing complex questions and leveraging an existing comprehensive library of answers and documents to provide accurate and relevant responses. The ideal candidate will collaborate closely with customer teams to continually update and maintain this critical library. They will ensure that all information is current, relevant, and effectively addresses our client’s security and compliance requirements.

This position requires a blend of technical understanding, risk management acumen, and strong communication skills to ensure that our security protocols meet the highest standards. You will also make sure that their responses to vendor inquiries are both timely and informative.

Lastly, the successful candidate will be a self-motivated individual, who can work effectively in dynamic conditions and within deadlines. That said, the preferred candidate should expect to work 40 hours per week and should be flexible enough to work part-time hours as well.


The work timings will be from 8:00 am to 5:00 pm CT.

Required SkillsQualifications/Education:

  • A bachelor’s degree from an accredited college/university with Computer Science, Software Engineering, or Information Technology as its major coursework.
  • 5+ years of experience with Security Risk Management.
  • Deep understanding of common IT compliance frameworks to ensure adherence to industry standards.
  • Ability to write clearly and concisely, making complex information accessible.
  • Skilled in interpreting both technical and cybersecurity-related inquiries.
  • Proficient in correlating queries with answers from an existing knowledge base.
  • Capable of updating the knowledge base with new information as it becomes available.
  • Expertise in crafting responses that outline compensating controls for remediating vendor risk survey questions.
  • Ability to elaborate on simple answers with detailed explanations.
  • Experience in responding effectively to customer business units.
  • Expanding upon simple answers with appropriate detail
    • Ex. “Do you secure PHI?” “Yes, and here is our process…”
  • Strong time management skills, with a commitment to meeting defined Service Level Agreements (SLAs).
  • Excellent organizational skills and communication skills.
  • Experience in reporting on the status of assigned tasks, including inbound and outbound forms.
  • Ability to communicate effectively about blockers and enablers in the workflow.
  • Skilled in setting clear expectations regarding the impact of blockers on response times and quality.
  • Proficient in navigating and resolving challenges to maintain progress and achieve objectives.

Responsibilities of the Desired Security Risk Management Contractor:

  • Conduct thorough assessments of IT compliance frameworks to identify and mitigate risks.
  • Draft comprehensive reports that detail assessment findings and recommendations.
  • Analyze technical and business IT security queries to provide informed interpretations.
  • Utilize and update the knowledge base to ensure accurate and current responses to inquiries.
  • Develop and refine compensating control strategies to address identified vulnerabilities in vendor risk surveys.
  • Enhance simple affirmative responses with detailed explanations of processes and procedures, especially regarding data protection practices like PHI security.
  • Engage with customer business units to understand their security concerns.
  • Manage tasks effectively to adhere to strict SLAs, ensuring timely responses and actions.
  • Maintain documentation related to risk assessments, remediation plans, and compliance checks.
  • Communicate effectively with team members and stakeholders to provide updates and gather necessary information.
  • Regularly report on the status of risk management activities, highlighting progress and any outstanding issues.
  • Identify and communicate potential blockers to timely task completion.
  • Collaborate with teams to understand the impact of identified risks and the effectiveness of proposed controls.
  • Stay informed about emerging security threats and compliance regulations.
  • Facilitate training and awareness sessions for internal teams to foster a culture of security and compliance awareness.

Core Values:

  • Integrity (Doing What’s Right)
  • Inclusion (Encouraging Diversity)
  • Teamwork (Working Together)
  • Excellence (Being Your Best)
  • Accountability (Taking Personal Responsibility)

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.



Apply for this Job

    You can opt out if you are not interested in updates about this job and related jobs.

    On Key

    More Posts

    Senior Security Consultant Required by WME

    Senior Security Consultant

      Position: Full-Time / Part-Time Location:  Remote Start Date:  ASAP Nationality: Any Windows Management Experts (WME) is looking for a Senior Security Consultant role for one of our valued partners. This position provides consultation and direction around Microsoft security solutions to meet strategic and tactical

    Read More »
    DNS Migration Architect

    DNS Migration Expert

    Location:       Remote Work Nationality:   ANY Position:        FULL-TIME Start Date:     ASAP Windows Management Experts (WME) is looking for a motivated & experienced DNS Migration Architect. This role would focus on designing the strategy and overall architecture for migrating DNS services

    Read More »
    Regulatory & Compliance Engineer

    Regulatory and Compliance Engineer

    Position: Full-Time Location:  Remote Start Date:  ASAP Nationality: Any Windows Management Experts (WME) is looking for a motivated and experienced Regulatory and compliance Engineer to join one of our client companies. As a Regulatory and compliance Engineer, your focus will be on tools and regulations

    Read More »
    Security Engineer-Architect

    Security Engineer/Architect

      Position: Full-Time Location:  Remote Start Date:  ASAP Nationality: Any Windows Management Experts (WME) is looking for a motivated and experienced Security Engineer/Architect Role to join one of our client companies. As a Security Engineer, your focus will be on solutions and tools like Microsoft

    Read More »
    Cloud Engineer-AWS and Azure

    Cloud Engineer – AWS and Azure

    Position:         Full-Time Location:        Remote Start Date:      ASAP Nationality:     ANY Windows Management Experts (WME) is looking for a Cloud Migration Engineer (AWS to Azure) role for one of our valued clients. The Cloud Migration Engineer

    Read More »

      You can opt out if you are not interested in updates about this job and related jobs.