Information Technology Risk Manager
Net2Source Inc. - new york city, NY
Apply NowJob Description
Client: Banking Financial ServicesTitle: IT Risk & Controls ConsultantDuration: 12 MonthsLocation: New York, NYJob Overview:The Enterprise Risk Management (ERM) team within GRM is seeking a Technology Risk & Controls Manager to support several operational resilience remediation initiatives in relation to the upcoming Digital Operational Resilience Act (DORA) regulation.Responsibilities will include:Enhance, embed, and mature ERM's technology risk and controls framework.Assist in development and implementation of ERM strategy, tools, policies, and procedures for identifying, capturing, and assessing technology related risks and controls.Assist in verifying and documenting the technology risk and control inventoryWork with Divisional and Business Unit Technology to drive risk frameworks and assessments related to the products and the surrounding infrastructure.Support the production of annual risk and control self-assessments of the technology risk environment.Assist in the identification of quantitative and qualitative technology risk metrics.Create technology risk reporting and dashboards.Support BU Risk Officers in risk reporting to senior management.Support BCMOperational Resilience enhancements. Skills, Requirements, and Competencies8+ years' experience in technology risk management, technology audit andor compliance in the financial services industry within capital markets.Strong understanding of (technology) risk management principles and internal control framework.Experience in implementing and supporting a technology risk management framework andor technology internal controls framework in a complex organization.Ability to evaluate operational or technological measures to assess risks and effectiveness of controls.Experience in creating, implementing, and maintaining (technology related) policies, procedures, guidelines, standards, and best practices.Good understanding of (technology) risk management frameworks, including COSO, COBIT, NIST and ISO 27001.Understanding of operational resilience concepts and experience working on operational resilience related (regulatory) programs (e.g., PRAFCABoE Operational Resilience, DORA)Innovative, strategic quisitive nature with high attention to detail and ability to seek out information.Action and results-oriented with ability to drive results and effect change.Strong communication, facilitation and influencing skills; ability to articulate and communicate complex ideas and concepts in a clear, concise, and structured manner.Strong organizational skills and ability to successfully multi-task and prioritize work.Ability to pro-actively cultivate relationships and collaborate with multiple stakeholders, including business leaders, legal, internal audit, and technology across regional locations.Advanced Microsoft Office skills
Created: 2024-09-20