• Promote, educate and present Security, Risk and Issue information to key stakeholders and the business in all departments to ensure sound risk principles and how they are applied are represented. • Maintain the risk artifacts (register, acceptances/exceptions, vendor onboarding and vendor risk profiles, evaluation SBARCs, reports, metrics). • Execute Corporate, Product, Business Impact and Emerging Tech risk assessments, some as large-scale projects to include interviews, data collection, parsing and analysis, and modeling. • Integrate with partners in Security, Audit and Compliance, Procurement and Legal by understanding the frameworks and vocabularies they are using. • Using deep experience, develop and/or execute logical risk, threat and/or probability models whether automated or manually run. • Develop and maintain human networks including major stakeholders to propagate risk program support; Socialize challenging or counterintuitive future insights into likely risk events to create general risk awareness and thoughtfulness. • Work with total honesty and integrity, declaring errors and proposing fixes immediately, recognizing escalation-worthy information and escalating appropriately, providing confidence levels as appropriate in results. • Be prepared to build things brand new to the organization, whether a special purpose model or new nascent program processes to fill a gap.