Messages In This Digest (1 Message)

1.: Information Risk Manager - Big 4 IT Control Experience - FS - Boston From: Gary Wright - Wright Associates

Message

1.: Information Risk Manager - Big 4 IT Control Experience - FS - Boston

Posted by: "Gary Wright - Wright Associates" gary_wright@verizon.net wrightassociates

Wed Oct 5, 2011 2:06 pm (PDT)

Please feel free to refer this position to other groups and people you know.

Position Title – WRAMIRM102011

Information Risk Manager – Big 4 IT Control Experience – FS – Boston, MA
Area – Excellent Package

Excellent Compensation Package – Base + Bonus + Comprehensive Benefits -

No Relocation or Sponsorship

Background Checks Required as part of the Hiring Process.

Company

Large, successful, and growing Massachusetts based Financial Services Firm
is building an Emerging Technology Center & they are looking for a number of
resources that are the Best of the Best - Great Company – Lots of Upside –
Excellent Compensation Package – Bonus – Comprehensive Benefits – Work/Life
Balance – Flex Time and more - Join a team oriented, collaborative, results
focused environment and become part of an elite organization with great
growth potential.

Position Responsibilities – Summary

Information Risk Manager (IRM) works with business unit staff to identify
and prioritize risk components, understanding and reporting on the overall
risk posture of the business. IRM also ensures IT Control Policies are
followed within the line of business and monitoring action plans that are
developed and executed to address any non-compliance with policy
requirements. The IRM is responsible for the three principle activities of
risk awareness, advisory and compliance.

This role is not a manager of people, rather a Manager of the IT Controls
Process. This is an individual contributor role.

Responsibilities:

Specific responsibilities include but are not limited to:

· Identify, synthesize, and communicate the information risks and
associated controls for assigned business units. Analyze risks to understand
trends within a business unit.

· Joint accountability with the business unit to address identified
risks

· Regularly report information risk metrics to business unit
management

· Communicate technology related policies and standards and how they
should be applied within the business units to ensure risk is managed to an
acceptable level and compliance achieved where it represents a significant
risk to the business.

· Collaborate with Information Risk Consultants to proactively
identify potential risk exposures within new technology solutions being
designed and implemented, and partner with application development teams and
Core Information risk services groups to implement appropriate solution to
mitigate exposure.

· Ensure various risk analysis assignments, including application as
assessments, due diligence reviews, and vendor reviews are completed,
reviewed, and analyzed in a timely manner.

· Identify areas of unmanaged information risk within the current
environment and institute the appropriate controls to mitigate exposure.

Customer Facing Program and Business Initiatives:

· Support customer information risk reviews, including self
assessments

· Support the customer-facing associates to respond quickly and
consistently to inquiries on topics such as RFP's, Information Security, SAS
70, and Internal Controls.

Proactive Risk Analysis:

· Support end-to-end information risk analysis of business process,
application portfolio, and computing environment.

· Support end-to-end compliance reviews and where risks cannot be
appropriately mitigated, assist in preparation and execution of the Risk
Acceptance process, describing the level of risk, areas of non-compliance,
and identification of mitigating controls.

· Identify control deficiency trends and work with Core Information
Risk Services to develop and implement solutions.

Core operations, Information Security, Training & Awareness, Governance:

· Active engagement with Information Risk Consultant to ensure that
IT risks are identified and addressed, and appropriate controls are
incorporated into architectures and systems design.

· Document all risk reviews and provide management summary.

· Ensure all corrective actions are recorded in the corporate
repository.

Required Skills and Competencies:

· 2+ years Big 4 IT Control Process Experience Required

· Experience with industry standard Information Technology Control
Policies and Standards frameworks

· Ability to manage by influence and establish effective working
relationships with all levels of management

· Effectively resolves conflicts between individual needs and
requirements of the organization

· Demonstrates a strong ability to identify, analyze, and solve
problems

· Able to communicate complex information in user-friendly terms

· Excellent oral and written communication skills

· 3-5 years technology background with significant exposure to
Information Risk, Information Security, or Audit.

· CISSP or CISA qualified or relevant experience

· Strong communication, relationship building and presentation
skills and technology background with significant exposure to Information
Risk, Information Security, or Audit.

Contact Information – (Resume in Word Format Please)

Gary Wright - President – Wright Associates

Phone - (508) 761-6354 - Email - replywrightassociates@verizon.net - WEB
Site – www.wrightassociates.org

[Non-text portions of this message have been removed]

Back to top
Reply to sender | Reply to group | Reply via web post
Messages in this topic (1)

Create New Topic | Visit Your Group on the Web

Messages | Members

The New England Networking Group is Moderated by:

Gary L. Wright - President/Principal - Wright Associates

Wright Associates specializes in High Technology Recruiting Services for the New England Market Place.

Phone: 508-761-6354
Email: mailto:garywright@prodigy.net
Website: www.WrightAssociates.org

MARKETPLACE

Stay on top of your group activity without leaving the page you're on - Get the Yahoo! Toolbar now.