Position: IT Embedded Risk Manager (ERM)
Location: Jersey City NJ or Tampa FL
Job Description
Department/Area Function:
- Clients Information Technology (IT) Risk Management program is designed to identify manage measure and mitigate risks in all IT Capabilities.
- Maintaining and enhancing IT risk management framework. The framework is comprised of tools and processes to help Client:
- Identify new risks changes in risk or relationships between risks
- Monitor and escalate key matters of risk and control
- Support IT management in maintaining a complete and accurate Process Risk and Control library
- Formulating disseminating and administering IT risk management policy and procedures;
- Providing risk and control consultation and evaluations of control effectiveness to support/ evidence management awareness of the effectiveness of the control environment (i.e. assist management in issue selfidentification)
- Liaising with Technology Risk Information Security Technology Centers of Excellence and with other subject matter experts within the organization to ensure that risks and appropriate mitigants are identified and communicated throughout the organization.
Position Summary:
- An IT PRC Senior Associate has primary responsibility of executing control testing leading discussions maintaining relationships with key stakeholders and support targeted IT risk assessments (where applicable). The incumbent will execute and support daytoday IT risk management activities (such as risk and controls assessments) manage deadlines and stakeholder expectations and lead or participate in projects within assigned areas of responsibility. In carrying these responsibilities the incumbent must work collaboratively with the Embedded Risk Management team other risk & control functions as well as with IT line management.
Principal Responsibilities:
- Support efforts to identify and manage risk within IT SIFMU & Risk Delivery Department
- Develop and strengthen relationships with IT partners and control evaluation functions across the 3 lines of defense
- Develop communicate and ensure adherence to department risk policies procedures and best practices;
- Demonstrate and embed the behaviors and competencies that create a risk management mindset in your organization; a
- Support and eventually lead risk management activities including review of policy and procedure documents for alignment with controls incorporation of changes etc
- Become a central point of contact for risk and compliance items throughout the SIRI organization
- Gathering preparing and reviewing inputs into reporting (e.g. risk treatment risk profiles inherent risk assessments)
IT ERM Senior Associate will be consistently responsible for facilitating the:
- Tracking and escalation of compliance items included on the IT Risk & Control Report/ Dashboard
- Issue and action closure facilitation including meeting coordination evidence gathering and review documentation preparation and review
- Control evaluations performed by audit and/or management control testing functions as well as regulatory exams to gather review and prepare required evidence
Experience:
- 35 years experience as a risk and control professional within a Big 4 accounting firm financial service industry or equivalent.
- Leading discussions with key stakeholders and staff to collect information requests.
- Experience conducting control testing including issue remediation testing
- Familiarity with process mapping and control identification along with data collection and analytic skills
Knowledge and Skills Required:
- Excellent analytical and problemsolving skills
- Excellent verbal and written communication skills
- Strong technology background
- Demonstrated ability to work proactively with all levels of management and staff
- Highly motivated detailoriented selfstarter who can set priorities take initiative and work both independently and proactively in a dynamic team environment;
- Ability to work under pressure multitask and be flexible;
- Ability/willingness to meet aggressive deadlines and objectives;
- Excellent interpersonal skills with a highly developed customer service orientation and ability to work effectively with all levels of internal staff and external contacts;
- Strong planning and project management skills;
- Strong process mapping and data collection and analysis skills
Education Training &/or Certification:
- BA / BS or equivalent. Advanced degree and/or certification a plus