Washington Licensed Information Security Manager

Job Summary

Executing third-party risk assessments, the full-time Washington Licensed Information Security Manager will evaluate vendor control environments, document risk findings, and support the overall security program while managing relationships with service providers and collaborating with stakeholders across IT and business departments.

Key responsibilities

• Conduct structured security risk assessments of third-party providers, identifying control gaps and documenting risk findings
• Oversee compliance activities related to technology projects, ensuring alignment with internal policies and external regulations
• Manage multiple concurrent assessments and deliverables, adjusting priorities to meet changing business demands

Required qualifications

• Bachelor's degree in Information Systems or related field or equivalent experience/certification
• 7+ years of information technology leadership experience, including security policy implementation and governance
• 3+ years of direct work experience in third-party risk management
• One or more current information security certifications such as CRISC, CISM, CISA, or CISSP
• Experience executing third-party/vendor risk assessments within a defined framework