The Manager - Information Security, Technology Risk Management resource will perform security assessments to ensure compliance with internal policies, controls, and standards, as well as client and regulatory security requirements. These assessments include evaluating technological, operational, and process controls to evaluate the design and implementation of security controls. The individual will be responsible for risk and compliance management to include risk assessments, customer requirements, ISO 27001 requirements, PCI DSS requirements, and other regulatory compliance requirements. Additionally, the individual will be responsible for HIPAA audits, PCI DSS audits, Service Organization Controls (SOC) audits, SSAE 16 / ISAE 3402 audits, customer audits, and other compliance / regulatory audits, as needed. **THE SKILLS SET NEEDED** - 7 to 10+ years of experience in IT Security, Risk & Compliance, or IT Audit. Experience and knowledge of information security concepts / principles and audit / risk assessment methodologies required. - Bachelor’s Degree in Computer Science, IT, Security, or related field required. - CISA, CISM, CISSP, CRISC, PCI-QSA, CGEIT (certifications) required. - Excellent oral and written communication skills with the ability to interact and communicate with technical personnel, non-technical personnel, and senior management required. - Master’s degree in related field preferred. - CIA -IIA certifications preferred.