VP, Information Security and Technology Risk

Full Time

International Bank Client

Office Status: Hybrid

We are looking for an experienced Information Security and Technology Risk Manager to join our team to drive a consistent risk management approach in the 1st line of defense to identify, assess, manage and report Information Security and Technology risks across lines of business.

Principal Duties and Responsibilities

  • Assist the Information Security and Technology Key Risk Officer with monitoring risk and providing oversight and credible challenge of the 1st line control environment.
  • Develop and maintain Information Security and Technology policies and standards.
  • Collaborate with the business to develop Key Risk and Key Performance Indicators covering Information Security and Information Technology.
  • Conduct deep dives/risk assessments/gap analyses, identify opportunities for control enhancement and risk mitigation, and document findings.
  • Track remediation plans on material risk events and issues to ensure control gaps are closed.
  • Coordinate remediation efforts for risk and control issues and support issue closure or risk acceptances, as needed.
  • Work with action owners to collect and evaluate appropriateness of evidence.
  • Support key control committees and groups that govern Information Security and Technology risk.
  • Gain a deep understanding of the business’ needs and identify opportunities to strengthen the control environment.
  • Participate in the Risk and Control Self-Assessment program and review results conducted by the 1st line to assess whether the proper risks are identified and to verify the effectiveness of the control environment.
  • Participate in various ORM Framework enhancement projects (ex. Internal Control Testing, Scenario Analysis).
  • Raise awareness in the business lines of the importance of strong security and technology risk management practices and the need for effective controls.
  • Prepare presentation materials for leadership, business partners, and regulators.
  • Balance operational risk requirements with the need for efficient business operations.
  • Remain current with Information Security and Technology trends and regulatory areas of focus.

Qualifications:

  • Bachelor’s degree in computer science, engineering, MIS, information assurance or related technical field. Related experience acceptable in lieu of related degree.
  • 7+ years of experience working in a Technology Risk, IT Audit, Information Security or related field.
  • Practical hands-on technology experience in security principles, risk management and some business acumen is ideal.
  • Solid knowledge of information security and technology frameworks and industry best practices including: FFIEC, ISO, NIST, COBIT, ITIL.
  • Financial Services/Banking experience is strongly preferred.
  • High motivated, self-directed individual with the ability to work independently.
  • Strong project management capabilities with ability to multi-task.
  • Organized, with the ability to prioritize and complete tasks within defined SLAs.
  • Practical knowledge of risk reporting and development of key risk indicators.
  • Excellent analytical skills with the ability to identify emerging risks, summarize issues, and explain risk trends.
  • Strong collaborative and interpersonal skills as well as an ability to communicate (verbal, written and presentation) across all levels within the organization.
  • CISSP, CRISC, CISA, CISM, or CCSP certifications a plus.
Upload your CV/resume or any other relevant file. Max. file size: 2 GB.

Share on
Print