Our client has an immediate permanent opening for an Information Security Risk Manager to work in an enterprise environment, responsible for providing operational and regulatory risk support.
The candidate will work on risk assessments, control testing, monitoring, internal and external audit coordination, and assessing the accuracy and efficiency of control environments.
Hybrid in office and WFH.
location: Warren, New Jersey
job type: Permanent
salary: $150,000 - 190,000 per year
work hours: 8am to 4pm
The Senior Technology Risk Analyst will be responsible for leading risk assessments and identifying and mitigating risks across an enterprise environment, as well as supporting external audit and regulatory deliverables. This role will provide the right candidate with an opportunity to gain exposure to a variety of business functions and make an impact within a critical and highly visible organization.
- Provide independent advice, facilitation, monitoring, and assessment activities on a risk basis. Define, measure, and report on technology-related risks
- Support the improvement of principles, policies and governance processes, as well as maintaining minimum control standards, guidelines and key operating procedures to enable identification, management, reporting and mitigation of risks related to information technology
- Provide constructive review and challenge on the implementation and operation of 1st Line Controls, risk and control assessment results and control initiatives specifically relating to information technology
- Provide risk management guidance/advice to the 1st line on the management of risks, controls and compliance relating to information technology
- Assist with the implementation of financial systems, process changes, and ad-hoc control reviews to ensure the control environment remains strong as systems and processes evolve
- Participate in and lead assessment working groups as necessary to understand and evaluate changes in the risk environment. Perform deep dives and reviews in high-risk areas to determine compliance with IT controls, and review and provide recommendations for remediation activities
- Monitor the remediation around control weaknesses to ensure timely resolution
- Assist in the vendor risk management program as necessary to monitor and analyze risks and determine the overall information risk profile and health of third-party vendors.
- Experience in creating Risk Management KPI/KRI and Dashboards for leadership review is desired
- Support Information Security Awareness training to staff and contractors
- Serve as 2nd line of defense and coordinator for all compliance, internal/external audit, and information security inquiries and engagements
- Experience with controls automation and data analytics is desired
- Bachelor's degree or equivalent work experience; experience in either Information Technology Risk & Control or Risk Management, ideally within the financial services industry
- 5 to 10 years of directly related experience in Information Security or Risk Management
- 5 - 7 years of demonstrated Governance, Risk, and Compliance or IT/IS Audit related experience is required
- Relevant professional certifications or working towards attainment such as: Certified in Risk and Information Systems Controls (CRISC), Certified Information System Auditor (CISA), Certified Information Systems Security Professional (CISSP)
- Technology and technology risk assessment skills (e.g. cloud technologies, IT operations, data center services, storage and databases, server virtualization, cybersecurity operations, and data privacy)
- Working knowledge of relevant assessment frameworks and/or industry standards (e.g., COBIT 19) is a plus. Understanding of risk management principles, experience in risk management and experience in regulatory frameworks for information technology is a plus
- Exceptional organizational skills to balance work and lead projects
- Strong cross-functional influencing skills, and proven ability to work with outside advisors
- Highly proficient with data analytics and reporting (e.g. PowerBI, Excel, PowerPoint)
- Strong, professional written and verbal communication skills, including senior executive engagement
- Experience level: Experienced
- Minimum 5 years of experience
- Education: Bachelor's
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
For certain assignments, Covid-19 vaccination and/or testing may be required by Randstad's client or applicable federal mandate, subject to approved medical or religious accommodations. Carefully review the job posting for details on vaccine/testing requirements or ask your Randstad representative for more information.