IT Risk Manager, PM

Job Description

Job Description

The Embedded Risk Specialist role (ERM)

Location : Jersey or Tampa- hybrid

A first line of defense (FLOD) which consists of the businesses and functional units, including Product Management, Operations Management, IT and other areas critical to daily operation and functioning.

Partner and liaise with the CLIENT Control Groups, Business FLODs with regard to identifying and assessing inherent risk, control effectiveness and residual risk

Explore opportunities to improve the effectiveness of controls while also exploring ways to simplify our processes without increasing residual risk

Responsible for monitoring and managing risk and liaising with various entities for audits and supports control-testing efforts.

Provides guidance to SIFMU and RISK Delivery with submission of self-identified findings, responding to and complying with CLIENT Audit findings.

About this Opportunity

This position is a technical ERM role responsible for providing technical SME support for the ERM and application development teams in SIFMU and Risk for technical company-wide initiatives.

ERM Function

Management to achieve business priorities.

Coordinate domain response to various control functions and Product Management to support the division

Provide governance and process support for the division while helping to ensure adherence to internal development processes

Teamwork partners with other Embedded Risk Manager to identify best practices and monitors adheres to standard processes

Documentation coordinates process reviews for internal and external audits, Compliance, Risk Management & Technology assessments using the Process Risks and Controls (PRC) Framework

Partners with control functions to support audits & assessments; coordinates Management Self-Identified (MSI) issues and manages the Issue Management process for the domain

Performs Management Testing to assess control effectiveness and documents results

Reviews of standards, policies, and procedures and performs rationalization per compliance guidelines. Supports the development and maintenance of system level documentation

Performs sustainability assessments and assesses adherence to regulator, business & compliance requirements and to the Process Risk and Control framework and identifies solutions to resolve control gaps to support our risk attitude

Manages process adherence within the division and helps to lead department initiative budget reporting

Technical Requirements

Minimum 5 years of experience in IT, risk management, and / or IT audit required

Broad understanding of Application Security

Understands / Knowledgeable in the following :

PEN and FOSS vulnerabilities

Service Accounts Password rotation

Oracle, AWS, JAVA, Springboot, Jenkins, Python

Unix, Linux, Tomcat, Liberty

Management Function Technical and ERM

The successful candidate must be able to understand the technical interactions of an IT infrastructure, to include concepts associated with networks, cloud hosting, virtual environments, data management, etc.

Facilitate technical exchanges with stakeholders to discuss, quantify, and capture program risks

Apply sound judgment in facilitation and evaluation of IT risks and mitigation strategies

Think independently and strategically about potential downstream mission impacts

Respectfully, yet effectively challenge the identification and acceptance of risks to ensure concepts are well thought out and logically documented

Perform gap assessments of proposed risk mitigation strategies and influence customers towards holistic remediation strategies that address the root-cause issue(s)

Translate technical jargon into simple to consume concepts for varied stakeholders understanding.

Perform as a key Technical Advisor for articulating the portfolio of IT Risks, and relay challenges to ERMs, Applications development teams, and senior decision makers.

Qualifications

Bachelors’ Degree or industry equivalent work experience

Minimum 5 years applicable experience

Clear communicator, with good verbal and written communication skills

Ability to influence without authority

Ability to communicate technical concepts to a broad range of technical and non-technical staff

Must be able to demonstrate strong technical leadership.

Continuous proactivity and follow-through

Ability to prioritize and focus on most urgent tasks & work in a fast-paced IT environment.

Comfortable working closely with team management to review approaches and requirements that solve business problems.

Experience with governance, risk, and compliance projects and program oversight

Knowledgeable in Agile Development, with Scrum Master (or similar) experience

Ability to balance risks in ambiguous and complex situations

Demonstrated teamwork and collaboration skills in leading or contributing to global and multi-functional teams

Highly motivated to contribute and grow within a complex area of emerging importance

Demonstrates excellent organizational direction, time management, problem-solving, prioritization, goal setting, leadership, motivation, negotiation, and interpersonal relations

Works well under pressure and within time / budget constraints to solve problems or meet objectives

Strong analytical / problem solving skills and cross functional knowledge across multiple IT operational and security disciplines

Possess a high degree of integrity, be trustworthy, and have the ability to lead and inspire change

Experienced in status reporting to management.

Powered by JazzHR

ZYb4DDNl14