Information Security Risk Manager

COMPANY

Allspring Global Investments™ is a leading independent asset management firm that offers a broad range of investment products and solutions designed to help meet clients' goals. At Allspring, our vision is to inspire a new era of investing that pursues both financial returns and positive outcomes. With decades of trusted experience propelling us forward, we strive to build portfolios aimed at generating successful outcomes for our clients. We do this through the independence of thought that powers our investment strategies and by bringing a renewed approach to look around the corner to unlock what's possible.  Allspring is a company committed to thoughtful investing, purposeful planning, and the desire to deliver outcomes that expand above and beyond financial gains. For more information, please visit About Us - Allspring Global Investments.

At Allspring, unique views inspire us. We leverage the diversity of people, ideas, and skills to help our clients pursue their financial goals. We strive to attract and retain a diverse talent pool that enables us to better serve our global client base. Intentionally fostering a diverse and inclusive culture allows us to empower innovation, productivity, and engagement. It’s also essential for elevating the experience of our clients as well as the communities in which we operate. Thank you for considering Allspring as you explore the next step in your career journey.

POSITION

Allspring is seeking a Senior Information Security Risk Manager to join the Allspring Information Security team. The Risk Manager will be based in the US and will establish the firm’s Information Security and cybersecurity strategy in accordance with industry standards and best practices.

RESPONSIBILITIES

• Contribute to all Information Security policies and procedures.
• Ensure that the organization’s Information Security program is consistently enforced across Allspring and the regions in which we operate
• Monitor cybersecurity threats and vulnerabilities to determine the risks they pose to the business and qualify potential impact and responses
• Collect and analyze security metrics, Key Performance Indicators (KPIs), and Key Risk Indicators (KRIs) to present meaningful and actionable information to the CISO, Engineering Technology, business leaders, and the Security and Technology Committee.
• In coordination with HR, design Information Security training for employees to meet all security requirement and cybersecurity threats
• Perform risk assessments for the company and critical business components as it relates to Information Security threats and risks.
• Maintain the Information Security maturity assessment and roadmap.
• Act as an expert advisor and build strong relationships with technology groups, business, risk, compliance, and legal.
• Identify Information Security Risks, options to mitigate and manage those risks, and maintain the Security Risk register in collaboration with the rest of the Information Security team.
• Participate as a partner in design of new products and services ensuring that Information Security best practices are baked into the design and implementation
• Form and implement and enforce industry best practices.
• Collaborate and consult with key technical experts, technology team, and external industry groups to resolve complex technical issues and achieve goals

QUALIFICATIONS

• Bachelor’s degree or higher MIS, CS or other technology related field
• 8+ years of Information Security experience, preferably in Financial Services, Technology, or related field, with specialized skills in information and cyber Security Risk management
• Be able to multi-task in a fast-paced environment and prioritize duties to meet deadlines with limited supervision
• Proven strong verbal and written communication skills
• Effective influencing and consensus-building skills
• Strategic focus on problem-solving
• Strong teaching and mentoring skills
• Strong presentation and communication skills
• Position may require occasional travel outside of primary work location
• AWS or other hyperscale cloud provider experience
• Proven experience working effectively in heavily distributed environment
• Consulting experience is a plus
• Exhibited experience with maintaining strong documentation
• Experience with the ability to transfer knowledge to key members of the team and act as a value-added resource
• Proven experience of being on-call for support and security issues; able to troubleshoot independently
• Ability to interact confidently with counterparts at all levels within the firm
• Excellent problem solving and troubleshooting skills
• Demonstrated ability collaborate with teams spanning a range of locations

Base Pay Range: $175,000 - $200,000 

Salary Range for NYC and California candidates only.Actual based may vary based upon, but not limited to, relevant experience, time in role, base salary internal peers, prior performance, business sector, and geographic location. In addition to base salary, the competitive compensation package may include, depending on the role, participation in an incentive program linked to performance (for example, annual discretionary bonus programs, or other annual or non-annual incentive or sales plans.)

We are an Equal Opportunity/Affirmative Action Employer. We consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other protected status.

#LI-CD1