
AON Program Manager in Krakow, Poland

Program Manager

Aon is currently seeking an experienced Program Manager with a strong background in security and a focus on risk management to lead projects focused on Governance, Risk, and Compliance (GRC), SOX, SOC 2, ISO 27001, Third-Party Risk Management, and Control Self-Assessments (CSA). The ideal candidate will be responsible for managing security-related projects, ensuring regulatory compliance, and driving continuous improvement in risk management processes.

Aon is in the business of better decisions

At Aon, we shape decisions for the better to protect and enrich the lives of people around the world.

As an organization, we are united through trust as one inclusive team and we are passionate about helping our colleagues and clients succeed.

What the day will look like

Program Management & Execution:

Lead and manage the end-to-end implementation of security and risk management projects, ensuring that they are completed on time, within scope, and within budget.

Develop and manage documents required for project initiation, planning, execution, monitoring and control, and closure by target dates.

This also includes, but is not limited to: develop and manage Project Plans and schedules; develop Resource Capacity Plan, report on Budget Management; satisfy Status Reporting Requirements; develop and manage RAID Logs; utilize Change Control; develop and manage Cross-Functional Interdependency List; develop and maintain Action Items List; define Communication and Change Management requirements; define Leading Indicators, KPIs, and KRIs and show progress against these; define Meeting Cadence; define Escalation Paths; define Governance.

Collaborate with cross-functional teams (IT, HR, Privacy, Legal, and Compliance) to ensure alignment between business objectives and security requirements.

Risk Management:

  • Lead the implementation and enhancement of GRC tools and frameworks, ensuring the organization’s processes comply with regulations.

  • Manage the organization’s compliance initiatives related to SOX, SOC 2, ISO 27001, etc.

  • Ensure controls are in place and operating effectively across security and IT functions to meet compliance objectives.

  • Lead the assessment and management of risks associated with third-party vendors and partners.

  • Lead the Third-Party Risk Management projects, ensuring vendors comply with internal security standards and regulatory requirements.

  • Work closely with procurement, legal, and IT teams to evaluate and mitigate third-party risks.

  • Lead Control Self-Assessments (CSA) projects to evaluate the effectiveness of internal controls across various departments.

  • Ensure timely identification and remediation of control gaps and weaknesses through coordination with control owners.

  • Track progress on remediation efforts and ensure continuous improvement of internal control environments.

Management and Continuous Improvement:

  • Work closely with risk owners to identify, assess, and prioritize risks across the organization.

  • Monitor the effectiveness of risk management practices and recommend enhancements to improve the security and compliance posture.

  • Stay current on regulatory changes and emerging security risks to ensure the organization’s risk management strategies remain effective.

Skills and experience that will lead to success

Education:

  • Bachelor’s degree in Information Security, Business, Computer Science, or a related field.

  • PMP or equivalent project management certification is highly preferred.

Experience:

  • 5+ years of project management experience, with a strong focus on security and risk management.

  • Experience with security frameworks and standards such as ISO 27001, NIST, or CIS.

  • Solid understanding of GRC frameworks and compliance requirements.

  • Relevant security certifications (e.g., CISA, CISSP, CRISC) are highly desirable.

Skills:

  • Strong understanding of cybersecurity principles, risk management, and regulatory requirements.

  • Excellent leadership, communication, and interpersonal skills with the ability to work effectively with cross-functional teams.

  • Demonstrates strong analytical and problem-solving abilities, consistently paying attention to detail.

  • Ability to work in a fast-paced, high-pressure environment, managing multiple projects simultaneously.

How we support our colleagues

In addition to our comprehensive benefits package, we encourage a diverse workforce. Plus, our agile, inclusive environment allows you to manage your wellbeing and work/life balance, ensuring you can be your best self at Aon. Furthermore, all colleagues enjoy two “Global Wellbeing Days” each year, encouraging you to take time to focus on yourself. We offer a variety of working style solutions, but we also recognise that flexibility goes beyond just the place of work... and we are all for it. We call this Smart Working!

Our continuous learning culture inspires and equips you to learn, share and grow, helping you achieve your fullest potential. As a result, at Aon, you are more connected, more relevant, and more valued.

Aon values an innovative, diverse workplace where all colleagues feel empowered to be their authentic selves. Aon is proud to be an equal opportunity workplace.

Aon provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, domestic partner status, or other legally protected status.

We welcome applications from all and provide individuals with disabilities with reasonable adjustments to participate in the job application, interview process and to perform essential job functions once onboard. If you would like to learn more about the reasonable accommodations we provide, email ReasonableAccommodations@Aon.com.


    2557189 Program Manager
