IT Risk Manager

Overview:  

We don’t simply hire employees. We invest in them. When you work at Chatham, we empower you — offering professional development opportunities to help you grow in your career, no matter if you've been here for five months or 15 years. Chatham has worked hard to create a distinct work environment that values people, teamwork, integrity, and client service. You will have immediate opportunities to partner with talented subject matter experts, work on complex projects, and contribute to the value Chatham delivers every day.  

Our IT Risk & Compliance team is dedicated to protecting and strengthening our global IT systems. By managing SOC 2 Type 2 compliance, assessing IT security risks, and overseeing vendor risk, the team ensures we uphold rigorous security and compliance standards. Team members collaborate across departments, champion process improvements, and promote a culture of risk awareness. Their work is vital to maintaining client trust, safeguarding key business operations, and enhancing Chatham’s overall security posture. If you’re driven by IT security, enjoy working with diverse teams, and want to make a meaningful impact, consider joining our IT Risk & Compliance team! 

In this role you will:

• Lead and Expand Security Compliance Initiatives:  
  • Oversee and continuously improve the existing SOC 2 Type 2 compliance program, including audit preparation, evidence collection, gap analysis, and ensuring controls operate effectively year-round. 
  • Expand the scope of compliance efforts by integrating additional frameworks such as NIST Cybersecurity Framework (CSF), NIST 800-53, ISO/IEC 27001, and other relevant standards. 
  • Build and manage an internal audit practice to independently assess the design and effectiveness of controls, ensuring alignment with industry standards and organizational requirements. 
  • Serve as the primary liaison for stakeholders and external auditors, facilitating seamless communication and resolution of audit findings. 

• Manage IT Security Risk:
  • Conduct IT security risk assessments across the organization against industry standards like NIST and maintain the IT risk register to monitor, prioritize, and mitigate risks.
  • Conduct Business Impact Analysis across the organization to identify critical business processes and systems to help prioritize business continuity and disaster recovery efforts.
  • Assess IT security risks that come with new and emerging technologies like AI and provide guidance on IT security best practices.
  • Collaborate with the Global Operational Risk Team to identify and address IT-related operational risks. 

• Enhance IT Security Governance:
  • Support developing and maintaining IT security policies, standards, and frameworks.
  • Provide ongoing reporting to senior leadership and stakeholders on the organization’s IT risk and compliance posture. 

• Drive IT Security Compliance:
  • Work closely with Legal and Regulatory Compliance teams to identify the IT Security requirements from the applicable regulations.
  • Work with other Security and Infrastructure teams to develop policies and controls to comply with legal and regulatory requirements. 

• Drive Continuous Improvement:
  • Identify opportunities to improve processes, enhance compliance efforts, and promote a culture of risk awareness across the organization.
  • Contribute to employee training and awareness sessions on IT security and compliance topics. 

Your impact: 

• In this role, you will directly contribute to the security, compliance and resilience of Chatham’s IT infrastructure by ensuring compliance with SOC 2 Type 2 standards and reducing IT-related operational risks. You will collaborate across business and technology teams, partner with key stakeholders from across the company, and provide insights to strengthen the organization’s overall risk posture. By implementing strong risk and compliance practices, you’ll help build trust with clients and protect critical business functions. 

Contributors to your success:  

• A bachelor's degree in Information Technology, Cybersecurity, Risk Management, or a related field, or equivalent experience.
• 5+ years of experience in IT security, risk management, or compliance roles.
• Experience managing SOC 2 Type 2 compliance or similar frameworks (e.g., ISO 27001, NIST CSF).
• Familiarity with IT risk management frameworks (e.g., NIST, COBIT, FAIR).
• Familiarity with regulatory requirements (e.g., GDPR, SEC, DORA, FINRA).
• Strong understanding of IT security principles, technologies, and best practices.
• Relevant certifications such as CISSP, CISM, CRISC, or similar are strongly preferred.
• Strong leadership, organizational, and collaboration skills.
• Excellent analytical and communication abilities to engage technical and non-technical stakeholders.
• Proactive, detail-oriented, and committed to compliance excellence. 

About Chatham Financial: 

Chatham Financial is the largest independent financial risk management advisory and technology firm. A leader in debt and derivative solutions, Chatham provides clients with access to in-depth knowledge, innovative tools, and an incomparable team of close to 700 employees to help mitigate risks associated with interest rate, foreign currency, and commodity exposures. Founded in 1991, Chatham serves more than 3,000 companies across a wide range of industries — handling over $750 billion in transaction volume annually and helping businesses maximize their value in the capital markets, every day. To learn more, visit www.chathamfinancial.com. 

Chatham Financial is an equal opportunity employer.

#LI-Hybrid

#LI-RK1