Urgent Hiring on :: IT Risk Manager :: AZ, IL, CA (Hybrid) at Remote, Remote, USA
From: Sankhi Tudu, Vyze Inc

Title: IT Risk Manager
Location: PHX, CHICAGO, SF BAY (candidates must be local to these locations) (Hybrid)
Duration: 12 months
Visa: USC/GC
Must have LinkedIn profile

Update:

Looking for:
- Unique individual with a technology background who is also a risk professional
- Analyst level: technology expertise does not have to be as deep, but they have to have some technology experience
- People that can help transform and formalize risk activities for the domain she is responsible for: control testing, risk assessments, risk testing, committee management, risk acceptance, policy, regulatory mediation
- Must have hands-on experience
- Pay rise and reporting
- They will not be people leaders (5 or more years of tech and risk, doing the risk activities); will not be managing any people
- Someone to come in and build their new issue management practice, create a process that is effective and efficient, formalize it, and work with the team to build it, execute on it, then govern it
- Hands-on with building the practice

TOP THREE NEEDED
- Issue management
- Standard technology architecture
- Risk assessments

Would be good to have: risk reporting, governing support
- Technology risk, security risk, data risk and technology risk across the company
- Difference between working on a risk topic and being the one performing the risk work
- Risk or financial services background; needs to have been hands-on

Control testing: what is expected
Depending on what kind of control you are testing, it can be a procedural kind of control, or automated around access management. It could be a manual, automated, or hybrid test. The procedure tells you what to do; there is a script, pull this for control test. Will be able to tell if they do not know what to do.

Early Warning uses on-premises and cloud environments.

Note: We will be looking for someone that may have started their career as a technologist that moved into the risk space. Ideally, someone that would have demonstrated experience performing technology risk assessments, control testing, managing technology issues, supporting technology KRI/KPI and governance reporting.

This position is responsible for execution of a Technology first-line of defense (LOD1) risk and internal control program for our client. The role will be required to execute with the company's Enterprise Risk Management Leadership around the structure of the three lines of defense program to ensure consistency in the implementation and operationalization across the enterprise.

Essential Functions
- Develop and maintain technology policies, standards, procedures, and guidelines. Ensure that the policy approval process is followed.
- Help maintain Technology's process inventory and internal control environment inventory.
- Act as point of contact for technology-focused external and internal audits and assessments (SOC2, PCI DSS, & others).
- Effectively communicate technology and security related risks and vulnerabilities.
- Validate solutions being implemented are in line with currently approved policy, in conjunction with Technology and Security teams.
- Act as business-line liaison to Enterprise Risk Management and Operational Risk Management.
- Perform control testing of technology controls for correct implementation and operation.
- Create, facilitate, and manage risk identification and remediation processes.
- Ensure risk remediation plans exist and are sufficient; track remediation plans to completion and ensure remediation is on-time and sustainable; ensure action plans and remediation of issues by Risk Owner.
- Assist Technology teams in driving improvements in confidentiality, integrity, and availability.
- Identify and implement process improvement efforts.
- Work with process and control owners to better define and implement control performance requirements.
- Support the company's commitment to risk management and protecting the integrity and confidentiality of systems and data.

Minimum Qualifications
- Education and/or experience typically obtained through completion of a bachelor's degree in Computer Science, Business Administration, Finance or Accounting or equivalent experience.
- 5 or more years of related experience.
- Familiarity with ISO 27000, PCI DSS, NIST 800-53a, COBIT, FFIEC handbook, SOC2 Type II, GLBA, FCRA, FISMA.
- Effective communication, organization, and presentation skills.
- Background and drug screen.

Preferred Qualifications
- 5+ years work experience in security, governance, compliance, IT audit, information technology, or related.
- Direct experience supporting first line of defense IT support for Control Testing, Issues Management, audits and external exams.
- Certification in one of CISA, CISSP, CCSP, CRISC, or equivalent or ability to sit for one of the certifications within the first 12 months of hire.
- Experience with security-related technologies including firewalls, IDS, SIEM, vulnerability scanners, anti-virus, data leak prevention, two factor authentication, and VPN.
- Experience in managing business continuity and disaster recovery initiatives.
- Additional related education and/or experience.
10:09 AM 10-Dec-24