Job description:
Summary of position:
We are seeking a highly skilled and experienced IT Risk consultant to join our IT department.
- The successful candidate will be responsible for overseeing technology risk management for the IT / Line of Defense level 1 (LoD1) liaising with Head Office IT Risk (TRM LoD1) as well as LoD2.
Responsibilities:
- To be the primary interface for LoD1.1 Group and LoD2 on all or part of IT risk taxonomies/natures.
- Implement the Group ITRM Framework within their scope and potentially enrich it with their own needs (business or geographical specificities).
- Lead campaigns for IT risk controls and evaluations (e.g. RCSA) within their scope.
- Ensure supervision/quality control of the results of CPN1 carried out by LoD1.1.
- Consolidate reporting on CPN1/KRI and IT risk evaluations within their scope.
Addition in this function:
- Coordinate SAM (Software Asset Management) locally and with Head Office and ensure compliance.
- Check and challenge IT CPN1 data quality.
- Implement IT management dashboard around ITRM scope (liaising with IT Run Control Tower team in Porto).
- Review and try to simplify number of controls with AMER LoD2 as well as ensuring alignment with Head Office and AMER specific requirement.
- Lead with rest of the IT the industrialization/automation of IT controls.
- Liaise and Oversight of IT controls performed at Head Office for AMER.
Requirements:
- Bachelors degree in IT Computer Science or a related field.
- Proven experience in IT risk management preferably in a leadership role.
- Indepth knowledge of technology risk management frameworks regulations (NY Client Part 500 FFIEC manual NIST ) and best practices at operation level
- Familiarity with LOD1.1 and other risk assessment methodologies to oversight checks and/or perform IT Risk controls.
- Strong understanding of Software Asset Management (SAM) principles and practices
- Excellent communication analytical skills and interpersonal skills
- Ability to work effectively in a fastpaced and dynamic
This is for a NYC based resource that needs to be 3 days in the office (Hybrid)