Information Risk Job Description
Information Risk Duties & Responsibilities
To write an effective information risk job description, begin by listing detailed duties, responsibilities and expectations. We have included information risk job description templates that you can modify and use.
Sample responsibilities for this position include:
Information Risk Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Information Risk
List any licenses or certifications required by the position: CISSP, CISA, CISM, CRISC, I&AM
Education for Information Risk
Typically a job would require a certain level of education.
Employers hiring for an information risk role most commonly prefer candidates with a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Information Security, Technical, Information Technology, Education, Business, Information Systems, Management, Engineering, Finance.
Skills for Information Risk
Desired skills for information risk include:
Desired experience for information risk includes:
Information Risk Examples
Information Risk Job Description
- Establishing the 1st Line of Defense policies, standards, procedures and processes consistent with the 2nd Line of Defense risk management policies
- Understanding and managing Information and Technology risk associated with the operational processes for the IT division
- Managing risk processes related to IT-wide risk management reporting tools and systems
- Drive and execute business resiliency risk oversight agenda as part of the risk transformation objectives, across governance, enterprise and divisional policy, standards, procedures, risk assessment and treatment, testing, and metrics & reporting
- Establish and rationalize business resiliency risk related policies, standards and procedures at enterprise level, and review divisional policy and procedures for alignment and adherence
- Advising and supporting the PSP Director and team on policy and standards development
- Publishing and managing policies and standards that support the 3LoD Model
- Coordinating ERM policy and standards development between the IT CRO team, ERM risk officers and their teams, divisional risk personnel and division subject matter experts to ensure consistency and to identify and address any gaps in coverage and areas of overlap
- Working closely with the ERM team, divisional risk personnel, division subject matter experts and other IT CRO work-streams to ensure all updates and changes are accounted for within the applicable documents, and are in adherence to any and all program governance requirements pertaining to risk policies and standards
- Coordinate the UAT process for the Credit Data Warehouse implementation and the UAT of the exploitation layer (DataMart)
- Two (2) years' experience in audit/compliance/risk, information security audit/risk management or information security
- Oversee and manage all RISE Technology efforts across the organization
- Single point of contact for all RISE technology
- Manage all technology vendor relationships
- Develop and implement appropriate specific risk-based internal control, measures and monitoring mechanisms
- An understanding of IRM governance, information classification and handling, records management, logical access management and data governance
Information Risk Job Description
- Utilize a management and reporting tool for compliance and certification processes
- Provide regular updates to key stakeholders on the overall technology risk and resiliency risk posture and recommendations for improvement
- Performing industry and regulatory related research to ensure policies and standards are commensurate with those at the largest financial institutions
- Providing advice, guidance and support to the divisions for related procedures developed
- Lead the efforts to create and manage an agile process for controls related work
- Plan and support leadership team in executive and departmental reporting activities and deliverables
- Work with team to identify and improve process and increase efficiency
- Promote and support team collaboration via technology tools such as SharePoint
- Build strong and sustainable relationships and interact within leadership team, team members and external constituents
- Support the dissemination of information, communication of ideas, and management of internal/external communication for the Division/Department Leads
- Track record of success/high performance in a large, matrix organisation. Relevant professional qualifications
- Minimum Bachelor’s degree in Management Information Systems or other related technology discipline
- Defining, supporting and implementing components of CCB's Identity & Access Management strategy
- BA/BS in information technology, business administration, or related field
- Risk Posture – Working across EUS, assist in developing and maintaining the risk posture with input from lines of business
- Strong team player that can deliver their part deliver the whole team
Information Risk Job Description
- Maintain all information security policy and standard documentation
- Perform risk assessments utilizing enterprise GRC toolset
- Perform compliance or risk assessment interviews with solution managers, engineers and developers
- Review compliance or assessment artifacts and deliverables for completeness and accuracy
- Write test plans and test results reports in accordance with Church practices
- Document critical security risk findings for urgent resolution
- Generate reporting dashboard metrics or measures for multiple levels of management review
- Coordinate security assessment findings and reports with management, engineers and customers
- Coordinate application vulnerability testing
- Coordinate application penetration tests
- As an Information Risk Analyst for CCB (Consumer & Community Banking) Reporting and Security Metrics you will be a part of the Security Metrics and Reporting team within the Information Risk and Control function
- Understanding of current macroeconomic trends and how to provide recommendations to improve the PD estimation based on the business cycle
- Minimum 4 years experience rating and/or underwriting at a leading financial institution or rating agency preferred
- Bachelor’s degree from a top tier university with high GPA and a degree (or substantial coursework) in finance, accounting, economics, or statistics required
- Graduate degree with a finance or business emphasis, or Chartered Financial Analyst (CFA) designation, is preferred
- Experience in the financial (credit risk area) and/or tech sectors
Information Risk Job Description
- Ensure sensitive data handling systems comply with Church policies and procedures
- Propose and implement approved compliance process improvements
- You will develop, initiate and manage audits
- You will project manage large security related projects to mitigate risks
- You will manage and improve the risk assessment process
- You will manage metrics and monitoring as it pertains to security
- You will review violation reports and investigate security exceptions
- You will ensure compliance of internal policies through departmental audits
- Manages IT controls and compliance functions
- Performing complex operating system, application, and network security investigations
- Ability to think critically to devise solutions to complex problems (excel at decision-making, consensus building and conflict management)
- Experience managing multiple, concurrent security/technology projects involving cross functional groups
- Ability to motivate local geographically diversified colleagues and business partners located in London, Gurgaon and New York
- Scientific, business or economic degree
- Superior analytical skills utilizing SAS and Excel
- Risk Management background is strongly desirable
Information Risk Job Description
- To support the ongoing management of all information risks facing the business, ensuring current processes remain fit for purpose and support the management and mitigation of any exposures
- Providing support and oversight of the risk management processes in the international and non-insurance business units
- Performing risk analysis and making risk remediation recommendations
- Documenting standard procedures, assessments and compliance testing results
- Supervising the IT Risk Management team
- Manage relationships with security, technology, business stakeholders and third parties to identify and communicate security risks and mitigation approaches
- Document and implement risk assessment process to be deployed to Sony globally
- Conduct meetings with business technology officers and department heads to enforce team-to-team and intra-team cybersecurity risk-based communication
- Help enforce a consistent, organization-wide, response to risk in accordance with the organizational risk framework
- Verify that planned risk response measures are implemented within stated timeframes
- A degree or professional qualification relevant to Information Security (such as MSc, CISSP, CISM or equivalent)
- An understanding of normal network infrastructure such as VPNs, firewalls, switches, routers, LANs
- Working well with others and individually
- Presenting documentation in a professional and well-structured format
- Ability to see the customer perspective: from a business point of view, the most secure solution is not always workable or realistic considering costs and benefits
- Adapting personal approach to suit situations, individuals, groups and cultures