Remote IT Risk Operations Manager

Insight Global
New York, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

New York, United States of America

Tech stack

Microsoft Windows
Data analysis
Business Process Modeling
Collaborative Software
Computer Security
Information Technology Audit
IT Management
ServiceNow

Job description

A global Am Law 50 firm is seeking a Manager of IT Risk Operations to join their team. This high-impact position in the Governance, Risk & Compliance function sits at the center of the firm's technology, security, and operational ecosystem. Managing a small team, you will work closely with senior leaders across IT, Security Engineering, General Counsel, and firm leadership to shape how risk is understood, measured, and managed. Duties include the below:

Strengthen IT Governance & Controls

-Lead the development of executive-level reporting on IT risk, compliance posture, and operational performance

-Build and evolve KPI/KRI dashboards that provide real-time visibility into risk trends and control effectiveness

-Translate complex IT and security data into meaningful insights for decision making

-Ensure adherence to IT policies, standards, and leading frameworks (e.g., NIST, ISO 27001)

-Own and evolve the firm's IT risk register and Risk & Control Self-Assessment (RCSA) program

-Identify emerging and systemic risks across IT, security, privacy, and operational processes

Incident Governance & Investigations

-Partner with General Counsel, Security, and IT to lead internal investigations

Own ITSM Governance & ServiceNow Analytics

-Oversee governance and reporting across the IT Service Management (ITSM) ecosystem

-Analyze incident, change, and problem management data to identify trends and improvement opportunities

-Drive workflow optimization and automation within ServiceNow

Vendor Risk Management

-Review and advise on vendor agreements

-Enhance vendor risk processes, including risk tiering, assessments, and monitoring

-Identify opportunities to streamline processes, enhance reporting, and improve governance

-Introduce data-driven approaches to risk management and operational oversight

-Perform related duties as assigned or directed by supervisor

-Maintain compliance with all firm policies and procedures

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Requirements

-7+ years of experience in IT risk, security compliance, technology audit, or IT governance

-Experience operating in complex, regulated environments (e.g., law firms, financial services, consulting) preferred

-Proven ability to lead reporting, analytics, and governance initiatives

-Familiarity with ServiceNow and ITSM reporting including understanding of incident, change, and problem management lifecycles

-Experience with security and collaboration platforms such as Microsoft 365, Purview and email security tools

-Working knowledge of frameworks such as the NIST Cybersecurity Framework, ISO/IEC 27001 and SOC 2

-Strong understanding of control design, risk registers, RCSA programs, and audit response

-Strong understanding of vendor risk, compliance, contracts, and 3LoD model

-Basic understanding of privacy regulations

-Bachelor's degree

-Law firm or professional service industry background

-CISA, CISSP, CRISC, CTPRM and/or ITIL
