The Risk Manager is responsible for developing and implementing the organization's information security governance framework, conducting risk assessments, and ensuring compliance with industry standards and regulations. As part of a growing GRC team, this role will lead First Party Risk Management efforts, drive strategy, and help shape the future direction of the team. Key responsibilities include analyzing governance models, identifying security risks, collaborating with stakeholders, and presenting findings to senior leadership. Candidates should have expertise in risk management frameworks (FAIR, Open-FAIR, Bayesian), project coordination, and security governance tools like OneTrust or Archer. Ideal candidates have at least five years of experience in IT security, governance, or risk management, along with relevant certifications (CISSP, CRISC, CISA). Experience with AI security risks, IT infrastructure, and security training programs is a plus.