Accelerate Your Career

Risk/Controls Manager

SkillStorm is seeking a Risk & Control Manager for one of our clients in New York, NY.

Global Strategy & Architecture, Core Platforms Technology Risk and Control Specialist Job Description

• This is a senior role requiring risk, regulatory and financial industry experience and 5-10 years of relevant experience. The nature of current and near-term initiatives is such that experience with IT General Computing Controls and audit, compliance/regulatory/SOX, controls, workflow, and technology risk concepts is essential.

Role Description:

• You will perform assessments of risks, processes and controls. Identify &/or foresee operational risks and recommend appropriate controls. Enable delivery of control portfolio with the ability to track and drive implementation of some of those recommendations. Responsibilities include: defining and evaluating deficiency in technology and operational controls and collaborating to design effective solutions; defining the scope and impact of projects and effectively communicating the impact on the organization; establishing project tasks, timelines and effectively managing them.
• Analyze existing technology controls. Identify and remediate gaps by partnering with IT development teams
• Work with system component owners to align strategic roadmaps with overall risk and control framework
• Work with IT control owners to streamline and enhance existing governance processes and frameworks
• Enforce and enable compliance with firm-wide risk initiatives and policies.
• Develop and foster subject matter expertise in a technology risk domain
• Assist with the quality assurance reviews of various control assessment programs
• Identify and drive opportunities for process improvements to deliver increasing efficiencies
• Own and maintain relationships with a wide range of stakeholders (project managers, IT developers, internal and external control partners)

Required Skills:

• Prior experience in IT risk management, audit or similar working closely with development teams
• Knowledge of IT Risk and Control Framework such as COBIT, NIST, ISO 27001
• Ability to bridge enterprise control requirements (such as Information Security, Business Continuity/Disaster Recover, Change Management, Identity & Access management) with individual environment for applicability
• Exposure or experience working with counter parts in Audit &/or Regulators
• Strong verbal and written communication skills to effectively lead technical discussions
• Ability to work independently in a fast-paced environment
• The desire and drive to own the responsibility and to accomplish positive technical results
• Good working knowledge or experience with some of the following risk domains:
  • Database and application security
  • Access administration
  • Infrastructure security
  • Security event logging and monitoring
  • Database/Application security protocols
  • Secure software/code development
  • Change management; vulnerability management
  • Business Continuity & Disaster recovery
  • Software &/or Hardware platform upgrades
  • Software development life cycle