| Requisition Number | 13-0945 |
| Post Date | 8/19/2013 |
| Title | Senior IT Risk Manager |
| Part Time? | No |
| City | Memphis |
| State | TN |
| Description | The
Sr. IT Risk Manager function reports to the CISO, and is part of the IT
Risk Management team. The Sr. IT Risk Manager is responsible for
managing the continued development of the IT Risk and Security
Management framework -- ensuring that policies and procedures align with
regulatory requirements and industry frameworks. Other
responsibilities include internal and third party risk assessments,
change management, manage key IT regulatory relationships, support
security awareness and manage other IT risk projects as needed. The ideal candidate is an experienced IT Risk Manager with a demonstrated expertise and leadership in: • Implementing and IT Risk and Security Framework in a large organization. • Creating and quality-assurance reviewing policies and standards. • Identifying and assessing the risks associated with internal and third party (vendor) IT processes • Aligning regulatory requirements to policies and standards; and managing IT risk projects. • Developing, implementing, communicating, and maintaining related policies and procedures. As a member of the IT Risk team, the candidate will be expected to: • Support the CISO in the development and implementation of the IT Risk and Security Management policies standards, procedures and ongoing processes. • Serve as the primary resource to senior management on matters of significance relating to IT risk management issues, benchmarking and policy advisement. • Manage the Change Management Program • Work with IT and the lines of business and vendors to identify IT and security risks, develop risk reporting and risk remediation plans • Support the management of a compliance framework to ensure the organization meets it responsibilities in accordance with FFIEC guidelines with specific emphasis on GLBA. • Serve as a liaison to bank regulators, internal and external audit, and coordinate IT related activities related to Sarbanes Oxley, Internal Audit, and OCC. • Ensure that all pertinent Information Security regulatory requirements are understood by line of business, IT, and team members. Essential functions of this role include: • The candidate must be able to partner across the technology and business teams to maximize the quality, integration and effectiveness of the risk management program. This requires a very proactive, open and communicative approach through all aspects of planning and execution. • Such a partnership is also expected with the other business-aligned risk managers, sharing the common goal of providing a well-controlled operating environment to maximize value to our shareholders. • The individual is expected to be able to communicate concisely and effectively with all levels of the organization. • The ability to communicate effectively with both technologists and business personnel is critical, including the usage of business relevant terms to describe technology risks. |
| Requirements | •
Experienced Information Technology professional with a proven Financial
Services track record of at least 8 years in Technology Risk
Management, IT risk policies and standards, and risk-based projects. • Leadership and expertise in at least three of the following: IT risk standards creation, change management, risk assessment methodology, technical controls compliance process creation or assessment, certification against IT risk and security industry frameworks (e.g., ISO-27001, COBIT). • Experience in Sarbanes-Oxley IT General Controls, GLBA and FFIEC requirements. • Demonstrated experience in process engineering and evaluation. • Practical knowledge of project and program management concepts and controls. • Proven IT Risk leader with experience in implementing change across an organization. • Enthusiastic, effective communicator who thrives under pressure and is willing to take personal responsibility and accountability. • Extensive communication skills and experience in driving process improvement. • Strong problem solving and analytical capabilities • Excellent written and oral presentation skills with the ability to create and define policies and procedures that substantially represent regulatory requirements. |
https://re31.ultipro.com/FIR1007/JobBoard/JobDetails.aspx?__ID=*98EADB804F5A1DD4
No comments:
Post a Comment