Risk/Controls Manager (Closed)
SkillStorm is seeking a Risk & Control Manager for one of our clients in New York, NY.
Global Strategy & Architecture, Core Platforms Technology Risk and Control Specialist Job Description
- This is a senior role requiring risk, regulatory and financial industry experience and 5-10 years of relevant experience. The nature of current and near-term initiatives is such that experience with IT General Computing Controls and audit, compliance/regulatory/SOX, controls, workflow, and technology risk concepts is essential.
Role Description:
- You will perform assessments of risks, processes and controls. Identify &/or foresee operational risks and recommend appropriate controls. Enable delivery of control portfolio with the ability to track and drive implementation of some of those recommendations. Responsibilities include: defining and evaluating deficiency in technology and operational controls and collaborating to design effective solutions; defining the scope and impact of projects and effectively communicating the impact on the organization; establishing project tasks, timelines and effectively managing them.
- Analyze existing technology controls. Identify and remediate gaps by partnering with IT development teams
- Work with system component owners to align strategic roadmaps with overall risk and control framework
- Work with IT control owners to streamline and enhance existing governance processes and frameworks
- Enforce and enable compliance with firm-wide risk initiatives and policies.
- Develop and foster subject matter expertise in a technology risk domain
- Assist with the quality assurance reviews of various control assessment programs
- Identify and drive opportunities for process improvements to deliver increasing efficiencies
- Own and maintain relationships with a wide range of stakeholders (project managers, IT developers, internal and external control partners)
Required Skills:
- Prior experience in IT risk management, audit or similar working closely with development teams
- Knowledge of IT Risk and Control Framework such as COBIT, NIST, ISO 27001
- Ability to bridge enterprise control requirements (such as Information Security, Business Continuity/Disaster Recover, Change Management, Identity & Access management) with individual environment for applicability
- Exposure or experience working with counter parts in Audit &/or Regulators
- Strong verbal and written communication skills to effectively lead technical discussions
- Ability to work independently in a fast-paced environment
- The desire and drive to own the responsibility and to accomplish positive technical results
- Good working knowledge or experience with some of the following risk domains:
- Database and application security
- Access administration
- Infrastructure security
- Security event logging and monitoring
- Database/Application security protocols
- Secure software/code development
- Change management; vulnerability management
- Business Continuity & Disaster recovery
- Software &/or Hardware platform upgrades
- Software development life cycle
Similar Jobs
Application Architect V
Contract job in Jersey City
Entry Level Software Engineer
Contract job in Philadelphia