IT Risk Manager, PM
Jersey City, NJ
Contracted to Full Time
Mid Level
The Embedded Risk Specialist role (ERM)
Location: Jersey or Tampa (hybrid)
The role sits in the first line of defense (FLOD), which consists of the businesses and functional units, including Product Management, Operations Management, IT and other areas critical to daily operation and functioning.
Partner and liaise with the CLIENT Control Groups and Business FLODs to identify and assess inherent risk, control effectiveness and residual risk
Explore opportunities to improve the effectiveness of controls while also exploring ways to simplify our processes without increasing residual risk
Responsible for monitoring and managing risk, liaising with various entities for audits, and supporting control-testing efforts.
Provides guidance to SIFMU and RISK Delivery on submitting self-identified findings and on responding to and complying with CLIENT Audit findings.
About this Opportunity
This position is a technical ERM role responsible for providing technical SME support for the ERM and application development teams in SIFMU and Risk for technical company-wide initiatives.
ERM Function
Management to achieve business priorities.
Coordinate domain response to various control functions and Product Management to support the division
Provide governance and process support for the division while helping to ensure adherence to internal development processes
Teamwork – partners with other Embedded Risk Managers to identify best practices and monitors adherence to standard processes
Documentation – coordinates process reviews for internal and external audits, Compliance, Risk Management & Technology assessments using the Process Risks and Controls (PRC) Framework
Partners with control functions to support audits & assessments; coordinates Management Self-Identified (MSI) issues and manages the Issue Management process for the domain
Performs Management Testing to assess control effectiveness and documents results
Reviews standards, policies, and procedures and performs rationalization per compliance guidelines. Supports the development and maintenance of system-level documentation
Performs sustainability assessments, assesses adherence to regulator, business & compliance requirements and to the Process Risk and Control framework, and identifies solutions to resolve control gaps to support our risk attitude
Manages process adherence within the division and helps to lead department initiative budget reporting
Technical Requirements
Minimum 5 years of experience in IT, risk management, and/or IT audit required
Broad understanding of Application Security
Understands / Knowledgeable in the following:
PEN and FOSS vulnerabilities
WAS
Service account password rotation
Oracle, AWS, Java, Spring Boot, Jenkins, Python
Unix, Linux, Tomcat, Liberty
Management Function – Technical and ERM
The successful candidate must be able to understand the technical interactions of an IT infrastructure, to include concepts associated with networks, cloud hosting, virtual environments, data management, etc.
Facilitate technical exchanges with stakeholders to discuss, quantify, and capture program risks
Apply sound judgment in facilitation and evaluation of IT risks and mitigation strategies
Think independently and strategically about potential downstream mission impacts
Respectfully, yet effectively challenge the identification and acceptance of risks to ensure concepts are well thought out and logically documented
Perform gap assessments of proposed risk mitigation strategies and influence customers towards holistic remediation strategies that address the root-cause issue(s)
Translate technical jargon into simple-to-consume concepts that varied stakeholders can understand.
Perform as a key Technical Advisor for articulating the portfolio of IT Risks, and relay challenges to ERMs, application development teams, and senior decision makers.
Qualifications
Bachelor's degree or industry-equivalent work experience
Minimum 5 years applicable experience
Clear communicator, with good verbal and written communication skills
Ability to influence without authority
Ability to communicate technical concepts to a broad range of technical and non-technical staff
Must be able to demonstrate strong technical leadership.
Continuous proactivity and follow-through
Ability to prioritize and focus on most urgent tasks & work in a fast-paced IT environment.
Comfortable working closely with team management to review approaches and requirements that solve business problems.
Experience with governance, risk, and compliance projects and program oversight
Knowledgeable in Agile Development, with Scrum Master (or similar) experience
Ability to balance risks in ambiguous and complex situations
Demonstrated teamwork and collaboration skills in leading or contributing to global and multi-functional teams
Highly motivated to contribute and grow within a complex area of emerging importance
Demonstrates excellent organizational direction, time management, problem-solving, prioritization, goal setting, leadership, motivation, negotiation, and interpersonal relations
Works well under pressure and within time/budget constraints to solve problems or meet objectives
Strong analytical/problem-solving skills and cross-functional knowledge across multiple IT operational and security disciplines
Possess a high degree of integrity, be trustworthy, and have the ability to lead and inspire change
Experienced in status reporting to management.