Title:  IT Risk Manager

Terms:  Direct Hire

Location: Cincinnati, OH

 
Conexess Group is a staffing company that specializes in finding the right talent for our clients and connecting people with new opportunities.  

JOB SUMMARY

Our client is a technology focused leader in the financial industry, and they are looking for a IT Risk Manager. This position is responsible for implementing information technology risk management strategies and for hands-on execution of risk assessments and the development of control enhancement recommendations. You will be responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined. 

RESPONSIBILITIES

• Support Business Controls/Technology Risk in the execution of responsibilities to conduct risk assessments, implement self-assessment programs, perform technical research on risk topics, and other activities that support risk management goals for IT. 
• Some of the primary responsibilities include:
  • Support Business Controls/Technology Risk leadership on the implementation of information technology risk management strategy and operating priorities.
  • Support the integration of the IT/technology risk management practices into key Information Technology and business areas.
  • Build effective relationships with key individuals who own and support processes you are responsible for evaluating, including the appropriate line-of-business risk managers.
  • Perform ongoing planning and prioritization of key projects and activities to ensure that resources are applied to the most critical areas. 
  • Communicate with Business Controls/Technology Risk Manager, as needed, to ensure proper prioritization and management of workload.
  • Participate on projects and ensure that key IT risks are being adequately addressed. 
  • Coordinate with project managers to ensure that issues are identified, action plans are in place and that PLC requirements are being met.
  • Perform risk assessments on key IT processes or assets, identify vulnerabilities and propose solutions to mitigate risk. 
  • Perform due diligence and risk assessments on IT service providers.
  • Work with IT areas in developing an effective self-assessment process for proactively identifying risks associated with processes, applications and technical infrastructure components.
  • Support compliance with applicable regulations, which include, but is not limited to the following:  the FDIC Improvement Act, the Sarbanes-Oxley Act of 2002 and the Gramm-Leach-Bliley Act of 1999.
  • Support the resolution of Internal Audit, regulatory, or Risk Management related issues that could impact the confidentiality, availability or integrity of data or processes.
  • Create effective risk assessment documentation supporting work performed, including formal communication on risk assessment results. 
  • Be able to deliver effective presentations to management on summary of work performed and findings.

QUALIFICATIONS

• Must be authorized to work for US employer without sponsorship
• Four to six years of information technology experience required. Desired experience should include a foundation in IT security and controls
• Previous experience performing hands-on IT risk assessments, information security consulting or IT audits
• At least one relevant technical or professional certification, such as CISA or CISSP, highly preferred
• Must possess excellent written and verbal communication skills, with a proven track record of interacting effectively with end-users and technology professionals.
• Able to work on multiple projects concurrently, manage time effectively and require minimal supervision in the execution of IT Risk Analyst responsibilities
• Must possess strong analytical capabilities and have a desire to learn new things.
• Bachelor's degree required, preferably in computer science or information systems.