Monitor and assess the effectiveness of security controls and compliance initiatives Risk ... management and regulatory compliance * 5+ years of experience supporting or leading SOC 2 ...
Monitor and assess the effectiveness of security controls and compliance initiatives Risk ... management and regulatory compliance * 5+ years of experience supporting or leading SOC 2 ...
Data Security analyst
Columbus, OH · On-site
Review risk assessment questionnaires, perform information security control reviews and complete documentation for submission to risk management governance committees for approval or denial.
Data Security analyst
Columbus, OH · On-site
Review risk assessment questionnaires, perform information security control reviews and complete documentation for submission to risk management governance committees for approval or denial.
Security Administrator II
Marysville, OH · On-site
Risk Management * Perform risk assessments, generate risk reports/updates, tracking progress of remediation efforts. * Security Awareness * Facilitate and distribute communications to various ...
Security Administrator II
Marysville, OH · On-site
Risk Management * Perform risk assessments, generate risk reports/updates, tracking progress of remediation efforts. * Security Awareness * Facilitate and distribute communications to various ...
Prior work experience of risk management disciplines, security policies and standards, technology risk assessment, and third party supplier risk process and requirements * Current or previous ...
Prior work experience of risk management disciplines, security policies and standards, technology risk assessment, and third party supplier risk process and requirements * Current or previous ...
... management, information security, or a related field, with a focus on managing risk identification, assessment, and mitigation * Demonstrated expertise in risk management frameworks, industry ...
... management, information security, or a related field, with a focus on managing risk identification, assessment, and mitigation * Demonstrated expertise in risk management frameworks, industry ...
... management, information security, or a related field, with a focus on managing risk identification, assessment, and mitigation * Demonstrated expertise in risk management frameworks, industry ...
... management, information security, or a related field, with a focus on managing risk identification, assessment, and mitigation * Demonstrated expertise in risk management frameworks, industry ...
... management, information security, or a related field, with a focus on managing risk identification, assessment, and mitigation * Demonstrated expertise in risk management frameworks, industry ...
... management, information security, or a related field, with a focus on managing risk identification, assessment, and mitigation * Demonstrated expertise in risk management frameworks, industry ...
... management, information security, or a related field, with a focus on managing risk identification, assessment, and mitigation * Demonstrated expertise in risk management frameworks, industry ...
... management, information security, or a related field, with a focus on managing risk identification, assessment, and mitigation * Demonstrated expertise in risk management frameworks, industry ...
... security risk oversight for areas of the enterprise that manage technology. As part of this ... Review risks, controls and, conduct assessments to support effective oversight and compliance with ...
... security risk oversight for areas of the enterprise that manage technology. As part of this ... Review risks, controls and, conduct assessments to support effective oversight and compliance with ...
... risk assessments for initiatives. The position will oversee a team of security engineers and ... Manage a team of resources who serve as technical leads on security projects and business projects.
... risk assessments for initiatives. The position will oversee a team of security engineers and ... Manage a team of resources who serve as technical leads on security projects and business projects.
Prior work experience of risk management disciplines, security policies and standards, technology risk assessment, and third party supplier risk process and requirements. * Current or previous ...
Prior work experience of risk management disciplines, security policies and standards, technology risk assessment, and third party supplier risk process and requirements. * Current or previous ...
Prior work experience of risk management disciplines, security policies and standards, technology risk assessment, and third party supplier risk process and requirements. * Current or previous ...
Prior work experience of risk management disciplines, security policies and standards, technology risk assessment, and third party supplier risk process and requirements. * Current or previous ...
Security Administrator
Marysville, OH · On-site
Prior work experience of risk management disciplines, security policies and standards, technology risk assessment, and third party supplier risk process and requirements * Current or previous ...
Security Administrator
Marysville, OH · On-site
Prior work experience of risk management disciplines, security policies and standards, technology risk assessment, and third party supplier risk process and requirements * Current or previous ...
Familiarity with risk management frameworks, industry standards, and technology regulatory requirements. * Proficient knowledge and expertise in resiliency, data security, risk assessment & reporting ...
Familiarity with risk management frameworks, industry standards, and technology regulatory requirements. * Proficient knowledge and expertise in resiliency, data security, risk assessment & reporting ...
Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements. * Proficient knowledge and expertise in data security, risk assessment & reporting ...
Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements. * Proficient knowledge and expertise in data security, risk assessment & reporting ...
Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements. * Proficient knowledge and expertise in data security, risk assessment & reporting ...
Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements. * Proficient knowledge and expertise in data security, risk assessment & reporting ...
Technology Risk and Controls Lead - Database
Columbus, OH · On-site
$142K - $200K/yr
Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements. * Proficient knowledge and expertise in data security, risk assessment & reporting ...
Technology Risk and Controls Lead - Database
Columbus, OH · On-site
$142K - $200K/yr
Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements. * Proficient knowledge and expertise in data security, risk assessment & reporting ...
Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements. * Proficient knowledge and expertise in data security, risk assessment & reporting ...
Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements. * Proficient knowledge and expertise in data security, risk assessment & reporting ...
Consulting Manager, Governance, Risk & Compliance (Workiva)
Columbus, OH · On-site
$120K - $156K/yr
Consulting Manager, Governance, Risk & Compliance (Workiva) Location: * Clearsulting is ... Conduct client discovery sessions to gather requirements, assess current-state processes, and ...
Consulting Manager, Governance, Risk & Compliance (Workiva)
Columbus, OH · On-site
$120K - $156K/yr
Consulting Manager, Governance, Risk & Compliance (Workiva) Location: * Clearsulting is ... Conduct client discovery sessions to gather requirements, assess current-state processes, and ...
Familiarity with risk management frameworks, industry standards, and technology regulatory requirements. * Proficient knowledge and expertise in resiliency, data security, risk assessment & reporting ...
Familiarity with risk management frameworks, industry standards, and technology regulatory requirements. * Proficient knowledge and expertise in resiliency, data security, risk assessment & reporting ...
Manager Security Risk Assessment information
See salary details
$51.5K - $62.3K
4% of jobs
$62.3K - $73K
6% of jobs
$73K - $83.8K
11% of jobs
$87.9K is the 25th percentile. Wages below this are outliers.
$83.8K - $94.6K
11% of jobs
The median wage is $103.2K / yr.
$94.6K - $105.4K
23% of jobs
$105.4K - $116.1K
13% of jobs
$123.2K is the 75th percentile. Wages above this are outliers.
$116.1K - $126.9K
12% of jobs
$126.9K - $137.7K
8% of jobs
$137.7K - $148.5K
6% of jobs
$148.5K - $159.2K
4% of jobs
$159.2K - $170K
2% of jobs
$51.5K
$111.6K
$170K
How much do manager security risk assessment jobs pay per year?

Full-time
Medical, Dental, Vision, Retirement, PTO
This job post has expired today. Applications are no longer accepted.
APCO Holdings rating
7.9
Based on 9 frontline employees who took The Breakroom Quiz
158th of 281 rated insurance
Job description
APCO Holdings partners with dealerships across North America to deliver innovative vehicle protection products and services that enhance the ownership experience for customers and drive growth for our partners. Through our family of brands, we bring together industry expertise, technology, and data-driven insights to help dealers strengthen their finance and insurance performance and build lasting relationships with their customers.
Our teams work collaboratively across operations, technology, risk, finance, marketing, and sales to deliver solutions that create measurable value and support the continued growth of APCO and the partners we serve.
We are looking for a Senior Security Risk & Compliance Analyst to support and strengthen APCO's security governance, risk, and compliance (GRC) initiatives. In this role, you will help drive compliance efforts, assess security controls, identify risks, and support the organization's ongoing commitment to maintaining a strong security posture and regulatory compliance.
Security Compliance & Governance
- Collaborate across departments to ensure alignment with security compliance frameworks and regulatory requirements (SOC 2, NYCRR, FTC Safeguards Rule, etc.)
- Conduct security control mapping and compliance reconciliation activities
- Support the development, implementation, and maintenance of security policies, standards, and procedures
- Monitor and assess the effectiveness of security controls and compliance initiatives
Risk Assessment & Mitigation
- Identify, assess, and prioritize security risks across systems, processes, and operations
- Partner with stakeholders to develop remediation plans and mitigation strategies
- Provide recommendations on security best practices and control implementations
- Conduct regular security audits and compliance assessments
Reporting & Documentation
- Maintain documentation related to audits, risk assessments, remediation efforts, and compliance activities
- Prepare reports and dashboards on compliance status, risks, KPIs, and trends for leadership
- Track remediation efforts and support continuous improvement initiatives
Security Awareness & Collaboration
- Support development and delivery of security awareness and training programs
- Promote a culture of security awareness and accountability across the organization
- Stay current on emerging threats, technologies, and evolving regulatory requirements
You'll be successful in this role if you're highly analytical, detail-oriented, and passionate about security governance and compliance. You're comfortable evaluating risks, identifying gaps, and collaborating across teams to strengthen security controls and processes.
You're also a strong communicator who can translate complex compliance and security concepts into actionable guidance for both technical and non-technical stakeholders. You thrive in fast-paced environments and enjoy balancing strategic thinking with hands-on execution.
- Bachelor's degree in Information Security, Information Technology, or a related field
- 8+ years of experience in IT security or related fields
- 5+ years of experience in risk management and regulatory compliance
- 5+ years of experience supporting or leading SOC 2 compliance efforts
- Strong understanding of security frameworks, controls, and regulatory requirements
- Professional certifications such as CISSP, CISM, or CISA
- Experience with compliance frameworks and regulations such as SOC 2, NYCRR, and FTC Safeguards Rule
- Experience conducting audits, risk assessments, and remediation tracking
- Experience working in regulated industries such as insurance or financial services
- Enjoy identifying risks and improving security processes
- Thrive in cross-functional, collaborative environments
- Like balancing technical security concepts with governance and compliance
- Are motivated by protecting systems, data, and organizational integrity
- Competitive compensation
- Comprehensive medical, dental, and vision benefits
- 401(k) with company match
- Paid time off and company holidays
- Opportunities for professional growth and certification support
- A collaborative and security-focused work environment
What APCO Holdings employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom
About APCO Holdings
Sourced by ZipRecruiter
Industry
Motor vehicle manufacturing
Company size
501 - 1,000 Employees
Headquarters location
Norcross, GA, US
Year founded
1984