Sorry, this job is no longer accepting applications.
See below for more jobs that match what you’re looking for!
Technology Risk & Compliance Manager
Pierce Technology Corp
Montvale , NJ 07645
Posted 3 weeks ago
This Job is not relevant Tell us why
All IT risk management activities are coordinated through this role. IT includes the coordination of IT policy drafting and scheduled review. The Technology Risk and Compliance Manager is responsible to maintain the IT Risk Framework and its associated controls and reporting. This role is responsible to evaluate overall information technology risk, maintain an active view, and report on the actual, mitigated and residual risk in the technology organization. All compliance closure activities are coordinated through this role, including the control and actual submissions for closure.
- This role provides organization with strategic direction in the establishment of IT risk-based auditing and reporting methodologies, and organization design.
- Collect information and review documentation to ensure that risk scenarios are identified and evaluated.
- Identify legal, regulatory and contractual requirements and organizational policies
and standards related to information systems to determine their potential impact on the business objectives.
- Identify potential threats and vulnerabilities for business processes, associated data
and supporting capabilities to assist in the evaluation of enterprise risk.
- Create and maintain a risk register to ensure that all identified risk factors are accounted for.
- Assemble risk scenarios to estimate the likelihood and impact of significant events to the organization.
- Analyse risk scenarios to determine their impact on business objectives.
- Develop a risk awareness program and conduct training to ensure that stakeholders understand risk and contribute to the risk management process and to promote a risk-aware culture.
- Correlate identified risk scenarios to relevant business processes to assist in identifying risk ownership.
- Validate risk appetite and tolerance with senior leadership and key stakeholders to ensure alignment
- Identify and evaluate risk response options and provide management with information to enable risk response decisions.
- Review risk responses with the relevant stakeholders for validation of efficiency, effectiveness and economy.
- Apply risk criteria to assist in the development of the risk profile for management approval. Assist in the development of risk response action plans to address risk factors identified in the organizational risk profile.
- Collect and validate data that measure key risk indicators (KRIs) to monitor and communicate their status to relevant stakeholders.
- Monitor and communicate key risk indicators (KRIs) and management activities to assist relevant stakeholders in their decision-making process.
- Facilitate independent risk assessments and risk management process reviews to ensure they are performed efficiently and effectively.
- Identify and report on risk, including compliance, to initiate corrective action and meet business and regulatory requirements.
Information Systems Control Design and Implementation
- Interview process owners and review process design documentation to gain an understanding of the business process objectives.
- Analyse and document business process objectives and design to identify required information systems controls.
- Design information systems controls in consultation with process owners to ensure alignment with business needs and objectives.
- Facilitate the identification of resources (e.g. people, infrastructure, information, architecture) required to implement and operate information systems controls at an optimal level.
- Monitor the information systems control design and implementation process to ensure that it is implemented effectively and within time, budget and scope.
- Provide progress reports on the implementation of information systems controls to inform stakeholders and to ensure that deviations are promptly addressed.
- Test information systems controls to verify effectiveness and efficiency prior to implementation.
- Implement information systems controls to mitigate risk.
- Facilitate the identification of metrics and key performance indicators (KPIs) to enable the measurement of information systems control performance in meeting business objectives.
- Assess and recommend tools to automate information systems control processes.
- Provide documentation and training to ensure information systems controls are effectively performed.
- Ensure all controls are assigned control owners to establish accountability.
IT Policies/Governance and Compliance
- Coordinate the development and ongoing maintenance of other IT policies and procedures.
- Ensure that all IT policies and procedures are compliant with regulatory requirements.
- Maintain a schedule of policy review, monthly reports (Board Reports) and submission to Legal for approval
Disaster Recovery Coordination
- Maintain the IT Disaster Recovery Plan including annual reviews.
- Oversee the regular testing of the plan and update for major changes in hardware, applications, business and regulatory requirements accordingly.
- Coordinate testing and reporting of data backup restorations in accordance with Key Performance Indicators (KPIs).
Projects and Initiatives related to IT
- Participate in IT projects and initiatives to bring pro-active risk management focus into solutions.