divh2Manager, Information Security Compliance And Risk/h2pAnalysis Group is one of the largest international economics consulting firms, with more than 1,500 professionals across 15 offices in North America, Europe, and Asia. Since 1981, we have provided expertise in economics, finance, health care analytics, and strategy to top law firms, Fortune Global 500 companies, and government agencies worldwide. Our internal experts, together with our network of affiliated experts from academia, industry, and government, offer our clients exceptional breadth and depth of expertise./ppThe Manager, Information Security Compliance And Risk is responsible for leading the firms Governance, Risk, And Compliance (Grc) program, including regulatory compliance, enterprise risk management, and assurance activities that support client requirements and regulatory obligations./ppThis role also serves as the primary owner of Information Security AI governance, ensuring that the firms use of AI and machine learning technologies aligns with security, privacy, regulatory, and client expectations./ppThe role manages a team of three Information Security Analysts and owns SOC 2 and ISO 27001 certification programs, while partnering closely with Legal, Compliance, Privacy, IT, and Security Engineering And Operations to ensure effective control design, evidence collection, risk management, and continuous improvement./ph3Responsibilities/h3ulliGovernance And Compliance Leadership/liliRegulatory Authorization And Assurance/liliAI Security Governance/liliRisk Management/liliThird-Party And Emerging Risk Governance/liliAudit And Assurance Coordination/liliTeam Leadership/liliCross-Functional Collaboration/liliExpected Outcomes/li/ulh3Qualifications Skills/h3ulliBachelors degree required; degree in information security, risk management, or a related field preferred./lili7 to 10 years of experience in information security, GRC, audit, or risk management required./liliPrior experience managing SOC 2 and or ISO 27001 programs required./liliDemonstrated people management or team leadership experience./liliProfessional certifications such as CISSP, CISM, CRISC, CGRC, or ISO 27001 Lead Implementer or Auditor./liliExperience with GRC platforms and risk management tooling./liliExperience supporting AI governance, data governance, or emerging technology risk programs./liliExperience supporting client-driven security assessments in a professional services environment./liliAn inclusive and growth-oriented mindset, strong interpersonal skills, and an ability to work across differences./liliTo the extent permitted by applicable law, eligible candidates must be authorized to work in the United States without sponsorship or restriction, now and in the future./li/ulpAnalysis Group embraces equal opportunity. We are committed to building teams that bring a variety of backgrounds, perspectives, and skills, as we believe that a strong and inclusive workforce directly supports our goal of providing the highest-quality work. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other class protected under applicable federal, state, or local law, and we encourage candidates of all backgrounds to apply./ppAnalysis Group offers competitive compensation and a comprehensive benefits package. The estimated salary range for this position is $175,000$200,000. Compensation offered will be based on a number of factors including work experience, education, and skill level. This role is eligible for a discretionary annual bonus that is determined in large part by individual performance./p/div