Previous Job
Previous
Information Risk Management - VP
Ref No.: 18-02099
Location: New York City, New York
Position Type:Direct Placement
Start Date: 04/19/2018
Duties and Responsibilities

Responsibilities include but are not limited to performing and participating in technology risk assessments for various IT departments.
  • Identify and assist in the management of IT risk issues including the identification of risks and assistance in the development of processes and controls to help mitigate the identified risks.
  • Assists the business and IT in conducting IT Risk assessments related to infrastructure, platforms, and applications in accordance with the company's Information Risk Management methodology.
  • Assist with the interpretation of corporate, local, and applicable regulatory Policies, Procedures and Controls.
  • Monitor and challenge IT and the business in vendor and application risk assessments and provide guidance in the development of solutions to help address identified issues.
  • Assist in the development, tracking and validation of metrics and measurements in order to identify weaknesses in controls.
  • Track open issues and review/evaluate evidence for closure of these items.
  • Provide functional and analytical support of GRC tools.
Education and Training
  • Bachelor's Degree in Computer Science, Risk Management, Accounting or Finance
  • CRISC / CISM / CISA or related certifications are highly preferred
Required Skills
  • Requires 5+ years in Information Technology Risk Management
  • Knowledge of standards and frameworks in any of these areas: ISO 27001, ISO9001, NIST, COBIT, FFIEC, ITIL and technology best practices
  • Experience with internal controls, risk assessment strategies, audit techniques, and project management
  • Understanding of technology related control development and gap analysis processes.
  • Proven analytical, problem solving and trouble shooting skills
  • Strong oral and written communication skills.
  • Strong team player who works well with peers and leaders alike with a desire to contribute positive change
  • Experience with Information Technology risk assessments; audits; & regulatory compliance.
Technical Skills
  • Experience with GRC tools
  • Understanding of various technologies and ability to discuss risks and compliance within the technology departments such as: operating systems, networking, security operations, internet services, databases, messaging, PC services
  • Proficient in the MS Office products, Adobe Acrobat, SharePoint