Manager Risk Management Position Available In Miami-Dade, Florida
Tallo's Job Summary: The Manager Risk Management role involves leading first-party risk assessments, translating technical risks into business terms, and building a mature risk management program. The ideal candidate will have 5+ years of experience in risk management, security, or IT governance, with strong knowledge of First Party Risk Management and risk management frameworks. Excellent communication skills and familiarity with security standards are required. Preferred certifications include CISSP, CISA, or CRISC.
Job Description
This is an individual contributor role within a growing Governance, Risk, and Compliance (GRC) team , focused on First Party Risk Management rather than compliance or third-party risk. The ideal candidate will lead risk assessments, influence team direction , and potentially oversee future hires. The role involves translating technical risk findings into business terms for executive leadership and building a mature risk management program. Core Responsibilities Lead and evolve information security governance , including policies, standards, and controls. Perform first-party risk assessments through interviews, documentation review, and technical analysis. Identify risk drivers, mitigating controls, and business impacts. Translate technical risks into business language for CIO-level and executive presentations . Act as a liaison across IT, Cybersecurity, Compliance, Privacy, Internal Audit, and Business Units . Build treatment plans with business owners and support change management. Analyze governance models to find and address gaps. Coordinate risk-related activities within broader IT and security projects. Required Skills & Experience 5+ years in risk management, security, or IT governance . Strong experience in First Party Risk Management (not just compliance or third-party risk). Experience with risk management frameworks and methodologies (e.g., FAIR, Open FAIR, Bayesian ). Experience leading projects (BA/PM type work); able to coordinate without PMO support. Skilled at performing risk analysis , governance gap assessments, and policy development. Familiarity with GRC tools (e.g., Archer, OneTrust ). Excellent communication skills – ability to translate technical risk for business stakeholders. Familiar with security standards, regulatory compliance , and best practices. Nice-to-Have Skills Understanding of AI platforms and the risks associated with AI solutions (e.g., Copilot).
General IT knowledge:
networking, cloud, sys admin, and software development . Experience with training and awareness programs , including phishing tests and LMS platforms (e.g., LMS 360).
Certifications:
CISSP, CISA, CRISC
, or similar preferred.
