Key skills
RepositoryRisk ManagementCommunicationDecision MakingPresentation Skills
About this role
Role Overview
- Collaborates effectively with team members to grow in their personal and professional development of IT risk management practices, with an emphasis on overseeing IT risk/issue management and performing IT risk assessments.
- Utilizes technical skills or aptitude to identify and address issues in various technology stacks, features, and/or components.
- Participates and consults in IT risk activities across the company.
- Assists in overseeing a variety of IT Risk related issues, including the identification, examination and analysis of IT applications, processes, and systems, and their overall impact to the organization.
- Participates in the creation of the IT risk assessment roadmap, outlining technology topics and areas of the company where quarterly risk assessment reviews are needed.
- Identifies gaps, potential emerging threats, potential financial exposure and client impact, and collaborates with stakeholders in their creation of remediation action plans.
- Assists in performing complex risk assessment initiatives such as Single Point of Failure (SPOF) assessments as part of the merger and acquisition process.
- May require international travel.
- Enforces and administers an established and centralized risk management repository related to compliance, conformance and quantified key risks, within risk tolerance guidelines and with defined mitigation measures.
- Assists in developing and providing business unit, executive, and Board of Director IT risk reporting that meets regulatory requirements and assists internal risk-based decision making via governance presentations.
- Presents effective and efficient reporting updates on IT risk priorities and procedures.
- Monitors significant risks to ensure they are actively managed and reported.
- Recommends and helps implement improvements to IT risk procedures, practices, processes and methodologies to maintain a proactive, risk-based compliance oversight program.
- Anticipates how the organization must adapt to changes in the industry to sustain competitive advantage.
- Adheres to operational risk policies and programs based on global regulatory guidelines, requirements and best practices related to technology industry standards.
- Assesses, monitors and verifies implementation of IT risk management processes.
- Not an exhaustive list; other duties as assigned; additional working hours when necessary; some travel
Requirements
- Minimum of 4 years Related professional work experience
- Strong technical skill set or strong technical aptitude
- Assertive work ethic; demonstrates a passion for both the work and people
- leading/developing others
- Strong multi-tasking skills
- Strong analytical skills
- Strong networking skills
- Strong communication skills, verbal and written
- Strong presentation skills for executive management and audit related engagements
- Bachelor's Degree
- Relevant Experience or Degree in: related field of study from an accredited university is required; however, relevant experience in lieu of a degree may be considered.
- Master's Degree (Preferred)
- PCI Professional (PCIP), Systems Security Certified Practitioner (SSCP), CISSP, Certified in Risk and Information Systems Control (CRISC), Certified Information System Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT), GRC Professional (GRCP) (Preferred)
Benefits
- Equal employment opportunities
- Reasonable accommodations related to applying for employment