Sr. IT Risk Advisor
- Job Title
- Sr. IT Risk Advisor
- Job ID
- Cincinnati, OH 45202
- Other Location
Title: Sr. IT Risk Advisor
Terms: Direct Hire
Location: Cincinnati, OH
Conexess Group is a staffing company that specializes in finding the right talent for our clients and connecting people with new opportunities.
Our client is a technology focused leader in the financial industry, and they are looking for a Sr. IT Risk Advisor. This position is responsible for implementing information technology risk management strategies identified by Business Controls and/or Technology Risk Managers. This position will be assigned overall responsibility for key areas and will have accountability for proper planning, prioritization and execution of supporting technology risk responsibilities. This position is responsible for hands-on execution of control/risk assessments and the development of control enhancement recommendations. Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined. While operating within the organization’s risk appetite, this person achieves results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.
- Support Business Controls/Technology Risk in the execution of responsibilities to conduct risk assessments, implement self-assessment programs, perform technical research on risk topics, and other activities that support risk management goals for IT.
- Some of the primary responsibilities include:
- Support Business Controls/Technology Risk leadership on the implementation of information technology risk management strategy and operating priorities.
- Support the integration of the IT/technology risk management practices into key Information Technology and business areas.
- Build effective relationships with key individuals who own and support processes you are responsible for evaluating, including the appropriate line-of-business risk managers.
- Perform ongoing planning and prioritization of key projects and activities to ensure that resources are applied to the most critical areas.
- Communicate with Business Controls/Technology Risk Manager, as needed, to ensure proper prioritization and management of workload.
- Participate on projects and ensure that key IT risks are being adequately addressed.
- Coordinate with project managers to ensure that issues are identified, action plans are in place and that PLC requirements are being met.
- Perform risk assessments on key IT processes or assets, identify vulnerabilities and propose solutions to mitigate risk.
- Perform due diligence and risk assessments on IT service providers.
- Work with IT areas in developing an effective self-assessment process for proactively identifying risks associated with processes, applications and technical infrastructure components.
- Support compliance with applicable regulations, which include, but is not limited to the following: the FDIC Improvement Act, the Sarbanes-Oxley Act of 2002 and the Gramm-Leach-Bliley Act of 1999.
- Support the resolution of Internal Audit, regulatory, or Risk Management related issues that could impact the confidentiality, availability or integrity of data or processes.
- Create effective risk assessment documentation supporting work performed, including formal communication on risk assessment results.
- Be able to deliver effective presentations to management on summary of work performed and findings.
- Less than 10% travel
- Must be authorized to work for US employer without sponsorship
- Four to six years of information technology experience required. Desired experience should include a foundation in IT security and controls
- Previous experience performing hands-on IT risk assessments, information security consulting or IT audits
- At least one relevant technical or professional certification, such as CISA or CISSP, highly preferred
- Must possess excellent written and verbal communication skills, with a proven track record of interacting effectively with end-users and technology professionals.
- Able to work on multiple projects concurrently, manage time effectively and require minimal supervision in the execution of IT Risk Analyst responsibilities
- Must possess strong analytical capabilities and have a desire to learn new things.
- Bachelor's degree required, preferably in computer science or information systems.