Technology Risk Advisor
Job Description:We are recruiting for a local banking client. Please email your resume to [email protected] if interested. This is a contract to hire role, that is hybrid onsite in Cincinnati.
- Ability to communicate ideas both verbally and in writing to management, business and IT sponsors, and technical resources in language that is appropriate for each group
- Ability to conduct risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications and systems
- Ability to develop and maintain Information Security standards, procedures, and guidelines
- Ability to prioritize multiple tasks
- Ability to work independently, as well as in a team environment.
- Ability to work well with a team to coordinate activities
- Risk Assessment
- Technology and/or Risk foundational knowledge or experience
Supports the execution of risk management programs for Information Technology and Information Security. Maintain a balance between increased efficiency and appropriate risk mitigation and controls for the Line of Business (LOB)/function in alignment with Risk Management vision and strategy and the LOB strategic plan. The Technology and Information Security Analyst provides oversight and credible challenge to LOB/functions and escalates concerns, as appropriate, in support of the Banks Risk Management Framework.
This position is responsible for providing oversight and challenge to technology and information security activities. This position is responsible for hands-on execution of control/risk assessments and the development of control enhancement recommendations.
Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined. Accountable for always doing the right thing for customers and colleagues, and ensures that actions and behaviors drive a positive customer experience. While operating within the Banks risk appetite, achieves results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.
This position is responsible for providing oversight and challenge to information technology activities. This position is responsible for hands-on execution of control/risk assessments and the development of control enhancement recommendations. Responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Supports the Information Security Extended Security Program team in the execution of responsibilities to conduct risk assessments, assist with self-assessment programs, perform technical research on information security and risk topics, and other activities that support information security risk management goals.
- Understands operational risk program elements (i.e. IT/CSRM, RCSA, BCRA, KRI, etc) methodology, governance, standards, and procedures, including templates and overall framework.
- Understand the organizational structure and primary objectives of the LOBs supported.
- General understanding of key data privacy regulations (e.g. GLBA, PCI DSS, CCPA, GDPR)
- Ensure the operational risk appetite is understood by the business.
- Partner with LOB for risk issue identification, escalation, and resolution. Oversee the identification and documentation of operational processes, risks, and controls.
- Serve as resource and provide guidance to the LOB on risk management issues.
- Provide oversight of LOB risk Program activities including, but not limited to, key risk indicators, risk control assessments, business change risk assessment, policy/guideline reviews, and third-party risk support.
- Performs periodic reviews of LOB procedures and provides guidance for new processes.
SUPERVISORY RESPONSIBILITIES: None
MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED
- 3 years of information technology experience required. Desired experience should include a foundation in IT security and controls. While experience in a number of IT disciplines may provide a solid framework for this position, hands-on results from performing IT risk assessments, information security consulting or IT audits are most beneficial.
- Relevant technical or professional certification, such as CISM, CRISC, CISA or CISSP, is a plus
- Expertise in technology and security frameworks such as NIST, COBIT and ITIL are strongly desired
- Bachelors degree required, preferably in computer science or information systems.
- A clear understanding of the Banks approach to the management of operational risk, or equivalent experience gained in other organizations is preferred
- Professional verbal and written communication skills and the ability to communicate with discretion and understanding when confidentiality is required.
- Must demonstrate intellectual curiosity, be analytical and possess the ability to interpret and apply policies and regulations across a complex business(es).
- A general understanding of banking regulations is a plus.
- Must be results and goal oriented, possess sound judgment and ability to apply logical/critical thought processes when approaching work or making recommendations for solutions.
- Ability to work in a dynamic work environment that requires multiple demands, shifting priorities, and rapid change.
- Must be able to maintain independence and objectivity in all aspects of position.
- Working knowledge of Microsoft Office products. Demonstrated ability to learn applications and internal banking systems.
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [email protected] or 844-463-6178.
Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico.