IT Risk Manager Resume Samples

4.5 (95 votes) for IT Risk Manager Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the it risk manager job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Resume Builder
CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Create a Resume in Minutes
MC
M Christiansen
Madilyn
Christiansen
91537 Ullrich Pass
Houston
TX
+1 (555) 734 7906
91537 Ullrich Pass
Houston
TX
Phone
p +1 (555) 734 7906
Experience Experience
Dallas, TX
IT Risk Manager
Dallas, TX
McGlynn, O'Conner and O'Hara
Dallas, TX
IT Risk Manager
  • Responsible for developing and implementing IT security and risk management frameworks and policies
  • Develop and implement a Line 2 IT Risk Management Framework, supporting the design on Line 1 control environment and build out risk policy and procedure
  • Develop and establish IT risk reporting against established enterprise risk metrics
  • Conduct performance reviews and contribute to performance feedback for all levels of staff
  • Manage, train and coach local IT Risk team at Montreal, which supports regional objectives of CIB Americas IT Risk Management
  • Fostering and developing strong networks (local, area, global) with key service line champions in the global firm
  • Manage communication and coordination with key stakeholders in North America; in relation to IT Risk Management process
Chicago, IL
Risk-it Risk Manager
Chicago, IL
Quitzon, Koepp and Nicolas
Chicago, IL
Risk-it Risk Manager
  • Assisting in the implementation of 3LoD initiatives for the team for 2016 and into 2017, resulting in a BAU operating model
  • Develop relationships with functions engaged in IT Risk Management
  • Undertake Risk Reviews of IT Control framework
  • Completing implementation activities during the course of 2016 and into 2017, working with colleagues in GTO Technology, CISO and GDM. This will range from
  • Assisting in the implementation and operationalization of the IT Risk function through delivery of key initiatives and the establishment of the APAC operating model
  • Strong work ethic and sense of urgency in personal approach to problems
  • Completing implementation activities ranging from CTB to RTB programs, working with colleagues in core COO Technology, CISO and GIRM and CDO. This will range from
present
Phoenix, AZ
Senior IT Risk Manager
Phoenix, AZ
Bogisich LLC
present
Phoenix, AZ
Senior IT Risk Manager
present
  • Assist in finding pragmatic, cost effective solutions to identified security and risk issues
  • Develop key Information Security, Risk and Compliance reporting metrics to ensure progress on these programs is managed and understood by leadership
  • Serve as a member of the IT Leadership Work Group and work effectively with peers and other (up to and including members of Executive Management)
  • Make team personnel recommendations regarding employment, career development performance evaluations, compensations and promotions within policy and guidelines
  • Work closely to align security and risk advice with other divisions within the bank, such as Security Architecture
  • Develop and maintain strong, positive working relationships and effective channels of communication with other risk associates, including those in Enterprise Risk Management, Operational Risk Management, associates in other control functions and Executive/Senior IT Services' management. Provide direction and guidance in the development, implementation and communication of risk-related policies and standards
  • Provide aggregated risk oversight for one or more high-impact areas of IT Services for core components of IT risk mitigation, governance, measurement and reporting activities. Actively engage in end-to-end risk remediation planning, resolution and monitoring activities, including Technology Continuity Management planning and testing activities. Collaborate with senior business and IT Services ' leaders and other risk managers to resolve challenging risk matters
Education Education
Bachelor’s Degree in Computer Science
Bachelor’s Degree in Computer Science
Columbia University
Bachelor’s Degree in Computer Science
Skills Skills
  • Strong problem solving aptitude, with good attention to detail
  • A strong personal network and the ability to play a role in the development of new business
  • Strong interpersonal skills and ability to develop deep relationships of trust with IT and business stakeholders
  • Business Knowledge: Working knowledge of the Property & Casualty insurance industry especially the key business drivers and risk factors
  • Excellent communication skills, both written and verbal with ability to articulate complex IT risks in simple business terms
  • Strong business awareness, sound reporting skills and the ability to work under your own initiative
  • A relevant professional qualification (i.e. CA, IISP, CISA, CISSP, CIA or CISM)
  • Excellent communication and presentation skills
  • Keeps up to date with Information Security current affairs relating to information security, business continuity, data management, security and encryption, vulnerability analysis and audit
  • Provide AMP with a thorough understanding of its IT risk and security profile
Create a Resume in Minutes

15 IT Risk Manager resume templates

1

IT Risk Manager Resume Examples & Samples

  • 6) Provide control commentary into IT Risk reporting on key services, audit, risk and regulatory issues and attend any appropriate IT and Business Risk committees. Ensure that the IT Operational Risk metrics, assessments and reporting are in line with the expectations of the UBS Group and that they are supplied with the correct data and that effective risk
  • 7) Maintain an external network with other senior IT Risk professionals as well as applicable risk forums/bodies
  • 8) Undertake proactive thematic risk reviews in order to proactively identify risk issues and act as an SME reviewer of technical risk assessments covering the functional area
  • 9) Liaising with internal and external auditors
  • 10) Liaising and partnering with our IT ORM peers covering other CIO areas, as well as Information Security and Legal & Compliance organisation to ensure complete risk profile understood
  • The successful candidate will need to develop strong client relationships within those IT functions it is supporting as well as relationships with key stakeholders (e.g. business owners) across UBS Group. The ability to work with and communicate / report to senior management is especially important
  • The successful applicant will need a variety of skills to ensure that the role is a success: excellent problem management skills, strong organisation skills; ability to communicate with different levels of seniority as well as ability to communicate IT issues in business language; the ability to network well and get on with people; solid experience with handling management information and metrics – design, collection, analysis and senior management reporting; a strong focus on delivery; and experience of a project environment. IT Risk knowledge is an advantage along with the corresponding qualifications (CISSP, CRisk or equivalent) but not essential, training will be provided. Experience of an IT Service Delivery Methodology such as ITIL, COBIT, and 6 Sigma would be an advantage
  • As this role is focused on Information Technology within a Banking environment, candidates who come from this background will be able to add value to the team more swiftly. This is not, however, a prerequisite. Training will be provided in the relevant regulatory aspects of IT Operational Risk and the appropriate tools and technologies
2

Senior IT Risk Manager Resume Examples & Samples

  • Line management responsibilities for a small team of direct reports
  • Assist in finding pragmatic, cost effective solutions to identified security and risk issues
  • Professional certifications in key technologies (e.g. CISSP/CCNA/CCSE/CEH/CHFI etc)
  • Extensive IT Risk security experience, ideally within an IT Environment in a large financial services organization and/or in consulting. Understanding of the impact of technology on banking systems, ideally with some Product knowledge, Fixed Income, Equities etc
  • Strong knowledge of Risk Assessment ‘methodologies’ and strong communication skills/ experience with facing demanding clients
  • Proven track record in delivery of quality IT Risk services to IT
  • Excellent relationship management and client focus skills
  • Excellent written, interpersonal and presentation skills
  • Ability to manage a team to deliver, including managing the team book of work
  • Degree in a scientific, computing, mathematical or engineering degree or equivalent experience
  • LI-SA2*
3

IT Risk Manager Resume Examples & Samples

  • Evaluates alternative means of reducing the firm�s exposure to catastrophic loss
  • Implements risk valuation models
  • Provides technical guidance to employees, colleagues and/or customers
4

IT Risk Manager, Banking & Capital Markets Resume Examples & Samples

  • A relevant professional qualification (i.e. CA, IISP, CISA, CISSP, CIA or CISM)
  • A proven track record of experience from either a big 4 practice, consulting or from within the
  • Banking & Capital Markets sector
  • Subject matter specialism in a relevant area of technology
  • A strong personal network and the ability to play a role in the development of new business
  • Exceptional client relationship and consulting and/or assurance skills
  • Ability to manage across multiple complex projects
  • Strong business awareness, sound reporting skills and the ability to work under your own initiative
  • Risk and Regulatory Frameworks (ITIL, CobIT, ISO 27001, PCI-DSS etc)
5

IT Risk Manager Resume Examples & Samples

  • Service Management
  • Identity and Access Management
  • Threat and Vulnerability Management
  • Data Governance / Management
  • Project Assurance
  • Business Continuity Management and Disaster Recovery
  • A proven track record of experience from either a big 4 practice, consulting or from within the Banking & Capital Markets sector
  • Exceptional client relationship and consulting and/or assurance skills Ability to manage across multiple complex projects
6

IT Risk Manager Resume Examples & Samples

  • Develop and implement a Line 2 IT Risk Management Framework, supporting the design on Line 1 control environment and build out risk policy and procedure
  • Work closely with the business to provide IT Risk advisory support, building strong stakeholder relationships to enhance risk assessment and above all, risk culture
  • Assess and effectively communicate the business' technology risk profiles
  • Support Line 1 in effectively monitoring and evaluating technical issues and incident management
  • Develop, review and implement technology self-assessments, and oversee the controls assurance process
  • Navigate the IT environment and associated risks, including internal systems, data storage, projects, digital channels, outsourced businesses, and 3rd Party agreements
  • Demonstrable extensive Operational Risk/Audit/Assurance experience
  • Must possess a technology/IT background and understand key IT Risk Management trends, ideally from a Line 1 or Line 2 risk perspective
  • Working knowledge of Financial Services/Banking industry
  • Demonstrates business partnering to drive risk maturity and the ability to be hands on & deliver
7

Senior IT Risk Manager Resume Examples & Samples

  • Provide day-to-day leadership direction and management guidance to the coverage team and serve as primary point of contact for any assigned IT Service group(s). Ensure the development of aligned Risk Management processes, procedures, reporting and activities. Lead and/or provide oversight to assigned initiatives to ensure successful completion and realization of benefits/objectives
  • Provide aggregated risk oversight for one or more high-impact areas of IT Services for core components of IT risk mitigation, governance, measurement and reporting activities. Actively engage in end-to-end risk remediation planning, resolution and monitoring activities, including Technology Continuity Management planning and testing activities. Collaborate with senior business and IT Services ' leaders and other risk managers to resolve challenging risk matters
  • Be a trusted adviser, provide consultative services to IT Services group(s) to facilitate awareness, support and guidance of risk identification and migration strategies; interpret regulatory guidance to reduce risk. Advocate for BB&T’s risk culture throughout the IT Services group(s); promote and influence education for associates on sound risk management practices. Attend and participate in assigned IT Services group(s) staff meeting, audits and strategic projects to better integrate into the groups
  • Develop and maintain strong, positive working relationships and effective channels of communication with other risk associates, including those in Enterprise Risk Management, Operational Risk Management, associates in other control functions and Executive/Senior IT Services' management. Provide direction and guidance in the development, implementation and communication of risk-related policies and standards
  • Manage processes and assist on strategic risk initiatives that provide IT Services' and BB&T leadership with information needed to make informed risk management decisions within risk appetite/tolerances. Consult on projects in pipeline. Develop effective/valid reporting, working with peers to identify trends, emerging risk and key risk themes within IT Risk Management and across other groups and lines of business. Develop and deliver presentations and communications to senior leaders and Executive Management
  • Make team personnel recommendations regarding employment, career development performance evaluations, compensations and promotions within policy and guidelines
  • Evaluate key risk indicators and changes in risk profile, driven by environmental influencers, new business changes, assessment findings, etc. Demonstrate and share business acumen thorough understanding of industry risk drivers, emerging risks, and IT trends related to IT Services group(s)
  • Engage in pre- and post-project risk assessments and participate in other key risk assessments. Provide guidance and support in the proactive identification and mitigation of risk management practices in areas including Risk and Control Self-Assessments (RCSA), IT Risk Assessments, Application Portfolio Management Assessments, Vendor IT Risk Assessments, Disaster Recovery, Event Reviews and Application Criticality Assessments. Decision on, monitor and risk assess third-party and vendor relationships
  • Serve as a member of the IT Leadership Work Group and work effectively with peers and other (up to and including members of Executive Management)
  • Proactively develop and ensure efficiency of risk-based processes and programs to effectively align with and support business partners
  • Ensure that for the Federated IT Risk Management principles and concepts that risk associates understand their risks, have established and use proper metrics, tools and reporting, and can demonstrate their ability to manage their risks
  • Represent BB&T in key industry organizations, forums and other venues
  • Bachelor's degree with in a financial-related discipline (e.g., Accounting, Business, Finance) or equivalent education and related training
  • Ten years of experience in a financial institution with emphasis on risk management or equivalent work experience and training
  • Extensive experience in IT risk and operations, including extensive knowledge of IT policy, procedures and regulations
  • Knowledge of key technology rules/regulations and IT risk management practices (e.g., Information Security, Business Continuity, Federal Financial Intuitions Examination Council (FFIEC), Control Objective for Information and Related Technology (CoBIT), Information Technology Infrastructure Library (ITIL))
  • Excellent leadership skills; excellent communication (verbal and written), presentation and facilitation skills
  • Ability to influence and communicate with impact
  • Excellent interpersonal and relationship management skills with ability to interact and communicate within all levels of organization and within public sector/governmental agencies
  • Excellent negotiation skills and highly collaborative planning ability, excellent diplomacy, tact, judgment, problem-solving and decision-making skills; effective use of delegated authority
  • Ability to successfully manage multiple projects and priorities concurrently
  • Strong work ethic, consistent follow through, and positive attitude
  • Demonstrated proficiency in basic computer applications, such as Microsoft Office software programs
  • Master's degree in Finance or Business equivalent
  • Professional designations such as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRlSC), Certified Project Manager (CPM)
  • Strategic business and financial planning experience
  • Experience with audit processes and techniques
  • Certification in process excellence and process improvement methodologies (e.g. Six Sigma or LEAN)
8

IT Risk Manager Resume Examples & Samples

  • Project Management: Project manage a portfolio of client engagements, which includes determining the project scope and resource requirements, monitoring progress against budget and established timeframe, review of work completed by junior team members and resolving all project issues prior to Partner, Director or Senior Management review
  • Client Service Delivery: Liaise directly with clients and internal teams to scope engagements, budgets and timeframes. Act as a point of escalation throughout an engagement with respect to project delivery matters. Identify and raise matters with a director or partner while exercising judgement within agreed parameters
  • Networking and Marketing: Act as an ambassador of the firm, participate in marketing events, keep abreast of the wide range of services the firm offers and suggest innovative products and services. Attend team meetings and represent the Technology Risk team at office and firm meetings as required
  • Personal Development: Develop the necessary skill set in core product streams and specialise in two of these areas by proactively staying informed of developments and marketing services
  • CISA qualified (Essential), and a professional qualification in finance such as ACA, ACCA or CIMA (desirable)
  • Experience of IT general controls and application control reviews in support of external audit engagements
  • Experience of supporting external audits companies in a variety of sectors (for example, retail, manufacturing, financial services, technology or professional services sector)
  • Experience of auditing ERP packages such SAP, Oracle & Dynamics AX
  • Excellent People Management skills and inspirational manager
  • Ability to identify and assess complex IT risks and controls and relate them to the requirements of a financial audit
  • Hands on experience of designing, performing and reviewing data analytics and controls testing
9

IT Risk Manager Resume Examples & Samples

  • Provide AMP with a thorough understanding of its IT risk and security profile
  • Champion technology risk, compliance and security frameworks and proactively conduct assessments of IT related risks
  • Apply the necessary dynamic tension to encourage mitigation of known IT risks
  • Develop a strong IT Risk awareness culture across IT@AMP
  • Produce regular IT risk reports to the IT Leadership team and various business risk and compliance committees
  • Ideally at least 5 years' experience in the development, and maintenance of IT risk frameworks
  • Demonstrated understanding of IT risk related legislation, regulations and standards (eg. ISO 27000 / 17799, COBIT, PCI DSS, GS007, APRA guidance statements)
  • Broad knowledge of IT risk and security trends
  • Tertiary qualifications in IT related field
  • Excellent communication skills, both written and verbal with ability to articulate complex IT risks in simple business terms
  • Strong problem solving aptitude, with good attention to detail
  • Strong interpersonal skills and ability to develop deep relationships of trust with IT and business stakeholders
  • Ability to run effective workshops/meetings and ensure that all stakeholders reach consensus
10

Senior IT Risk Manager Resume Examples & Samples

  • To contribute to the development, implementation and management of the Global Risk Framework, risk appetite, policies, procedures and management information requirements covering specifically IT risk
  • To help drive a proactive risk culture that is infused across the entire organisation
  • To drive provision and maintenance of an accurate and reliable IT risk profile, partnering with the Business areas to ensure identification of critical business processes, and to ensure that all key risks are properly identified, assessed, monitored, controlled and reported in a timely fashion. To ensure theming can be undertaken to highlight and drive prioritisation of systemic issues both regionally and globally
  • The definition and management of controls and processes and implementation of internal controls
  • To undertake independent assurance of the adequacy and effectiveness of the company's management of its IT risks, controls and processes
  • To contribute to the effective governance of risk. He/she will take an active role in regional risk committees, offering constructive challenge and helping to support the Committee fulfil its role and responsibilities. Will facilitate and encourage informed and constructive debate and challenge on key risk issues and ensure that management information is provided in an accurate, timely and clear manner, ensuring all activity is undertaken against a background of the agreed risk appetite
  • To lead, drive and embed best practice and pragmatic risk/control management across the organisation, demonstrating an understanding of the control weaknesses, driving remedial action plans to improve business and move towards the agreed risk appetite position
  • To alert senior management immediately of any significant changes to the IT risk environment, deteriorating exposures and counterparties and evidence of emerging risks
  • Manage the engagement with Internal/External Audit, ensuring consistency of learning and remedial actions. Drive timely resolution of internal and external audit points together with any issues raised by external auditors
  • Ensure reliable data is produced and that measurement/modelling of risks are refined to facilitate more complete analysis/evaluation of risk scenarios
  • Proactively manage, develop and maintain intra group relationships across the Three Lines of Defence to optimise results in areas of common interest
  • Experience across all risk types in a management capacity
  • A successful track record as an IT risk manager and good knowledge of the operational and regulatory complexities impacting the business from strategic, operational and change perspectives
  • Hands on experience of IT risk assurance and control frameworks
  • Gravitas and the capability to provide constructive challenge to the business and ensure IT risks are addressed appropriately
  • Strong analytical thinking and communication skills including the ability to research and understand complex processes and effectively communicate them to senior management
  • Demonstrated ability to perform process analysis and experience in designing controls
  • Experience in leading/delivering IT risk assessments and scenario analysis
  • Good stakeholder and relationship management skills at all levels
  • Personal integrity, the ability to lead a small team and take leadership of specific tasks and activities
  • Self-starter with the ability to deliver under pressure
  • Strong written and verbal communication skills with the ability to foster a collaborative working relationship with multiple areas and complex business lines
  • As this is a global organisation, the Senior IT Risk Consultant will be required to attend conference call meetings outside of normal UK office hours and take occasional international business trips
11

Senior IT Risk Manager Resume Examples & Samples

  • Assist OTRC to define and implement a New and Emerging Risk Program
  • As new initiatives and strategies are prioritized by technology – work with key stakeholders to ensure IT risk management priorities and overall strategy are represented
  • Remain aware of the regulatory environment/requirements around specific technologies – ensure new initiatives are not in conflict with regulatory commitments that are known or likely
  • As new and emerging risks are identified – represent OTRC, occasionally in a leadership role, to contribute to CAP planning and associated remediation efforts
  • Drive a predictive instead of reactive approach to new and emerging technologies, anticipating potential risk concerns prior to implementation
  • Persuade and influence senior stakeholders in other areas of Citi and occasionally external parties through outstanding communication and negotiation skills
  • Clearly articulate and present design solutions, rationale issues and tradeoffs. Message complex risk management enhancements into readily understood concepts and support senior management with the design and development of Regulatory materials
  • Oversee in-depth and sophisticated analysis with interpretive thinking to define problems and develop innovative solutions
  • Proactively advance best-in-class design approaches, solutions and develop recommendations of how to proceed with report and dashboard development
  • Develop effective working relationships with senior line management and peers across Citi
  • Demonstrates strong judgment, political astuteness, and sensitivity to cultural diversity
  • 15+ years of experience in an IS or Risk Management Role
  • The candidate must have a proven track record to present solutions to stakeholders and senior executives, lead brainstorming sessions, and estimate level of effort for projects and tasks
  • Effective negotiation skills, a proactive and 'no surprises' approach in communicating issues and strength in sustaining independent views
  • Ability to ask the right questions of business and technologists to resolve issues and make fast decisions
  • Experience with Cloud and Big-Data Technologies (e.g. AWS, Hadoop, Spark, Platafora, Datameer, RevoR, provider vs. tenant paradigm)
  • Experience with mobile-specific technologies and release challenges (e.g. GIT Hub, VA concepts, App Stores, M-SDLC)
  • Experience in Banking or Finance a plus
  • CISSP or CISM a plus
12

IT Risk Manager Resume Examples & Samples

  • Oversee 1LoD Risk and Controls
  • SME understanding all related Information Technology risk matters including assessment of appropriateness of 1LoD controls, implementation and associated risk management practices
  • Lead IT challenge and oversight activity of IT Risks faced by the business
  • To develop and maintain external and internal contacts to identify, evaluate and assess evolving Technology threats, opportunities to contribute to the resilience
  • Ensuring compliance with IT Risk and Controls Policies and Standards
  • Providing oversight of compliance with relevant regulatory and legal requirements as they relate to IT Risk and Controls
  • Protection of customer, employee and corporate confidential information
  • Facilitating the execution of IT Risk and Controls Strategic initiatives and projects
  • Determining priorities, sponsorship and investment requirements for regional initiatives
  • To provide expert input to IT related Governance, Assurance, Executive Briefings, Group initiatives
  • To define, manage and measure Information Technology related KRI's to support understanding of the risk profile
  • To develop and maintain effective relationships with senior stakeholders in the business to ensure that IT risks are maintained in line with risk appetite strategy and objectives
13

IT Risk Manager Resume Examples & Samples

  • Responsible for developing and implementing IT security and risk management frameworks and policies
  • Identify technology and information security risks and provide recommendations to the risk management process
  • Participate in IT audit , security and compliance activities through close collaboration with internal and external auditors
  • Lead all IT security efforts within the business and push for trainings and activities to increase IT security awareness of all staff across the business
  • Conduct regular reviews on vulnerability management, access controls, audit controls, information systems etc
14

IT Risk Manager Resume Examples & Samples

  • Managing Risk Services engagements end to end, specifically risk and control technology services which will include application security, GRC technology enablement, project risk management and supplier risk management
  • Support partners generate new business opportunities and build client networks and relationships
  • Actively identify opportunities to better serve clients
  • Developing and maintaining productive working relationships with clients
  • Manage the financial aspects of client engagements and communicate significant issues, fees, and estimates-to-complete to partners and client
  • Preparation of reports and schedules for clients and other parties
  • Contribute to people-related initiatives including recruiting, retaining and training Risk professionals
  • GRC technology design, implementation, operation and assessment using one or more technology vendors such as SAP GRC, RSA Archer, MetricStream and/or Thompson Reuters
  • Process Risk and Controls Design, Implementation and assessment across core enterprise processes such as finance, supply chain, procurement etc
  • Project, program and portfolio risk management experience including benefits realisation, program assurance and portfolio optimisation
  • Application Security and Configuration
  • Governance, risk and compliance functional experience
  • Compliance system development and management
  • Risk assessment, mitigation and remediation
  • A strong self-starter with a high level of initiative
  • A Prince 2 or equivalent certification is also highly desirable
15

IT Risk Manager Resume Examples & Samples

  • Well developed sense of personal accountability
  • Demonstrable Operational/Non-Financial Risk Management skills
  • Experience of working in major projects in large financial institution
16

IT Risk Manager Resume Examples & Samples

  • Managing and coaching staff as they perform assessments to evaluate controls, security, SOD, and execute audit procedures
  • Leading the adaptation of a work program and practice aids
  • Reviewing and evaluating SSAE 16 reports from 3rd party providers
  • Interfacing with business and technology partners on projects as well as serving as a IT Risk Subject Matter Expert during the planning and execution of technology initiatives
  • Demonstrated audit or consulting experience in
  • A Master's degree in Information Systems, Computer Science or related IT Audit and Controls discipline
17

IT Risk Manager Resume Examples & Samples

  • Provide pragmatic advice to clients who are looking to drive value from their investments
  • Develop and maintain productive working relationships with clients
  • Develop and lead high performing, cross functional teams
  • Lead and manage teams in the delivery of IT governance and risk framework review and implementation support
  • Lead and manage IT Risk Assessment services across functions within clients ICT environments relating, but not limited to governance, architecture, compliance, vendor management, service delivery, program and project management
  • Lead and participate in business development initiatives
  • Apply your knowledge and experience to shape our services and motivate the team
  • Effectively manage end-to-end engagements with a focus on delivering valuable outcomes that exceed clients expectations
  • Present and facilitate both client and internal meetings and workshops
  • ICT Strategy, Governance and Compliance including technology enablement
  • ICT Service Management aligned to ITIL requirements
  • Managing or supporting an IT risk management function including the development/ maintenance of an IT Risk Management Framework and the performance of IT risk assessments across functions/services
  • Design or implementation of IT controls to mitigate risks across IT function areas
  • Third Party (including IT) Vendor Risk Management including supporting governance requirements
  • Understanding of regulations or standards/acts/better practice (e.g. Privacy, RiskIT, CoBIT 5, ISO 31000, PCI DSS, etc.)
  • Excellent communication skills, demonstrated through effective written reports and presentations
  • Knowledge of current technological developments/trends in area of expertise
18

Risk-it Risk Manager Resume Examples & Samples

  • Assisting in the implementation of 3LoD initiatives for the team for 2016 and into 2017, resulting in a BAU operating model
  • Completing implementation activities during the course of 2016 and into 2017, working with colleagues in GTO Technology, CISO and GDM. This will range from
  • Information Technology Risk Management related experience preferred
  • Demonstrable Operational and Non-Financial Risk Management skills
  • Strong work ethic and sense of urgency in personal approach to problems
  • Mandarin speaking skills
19

GPB IT Risk Manager Resume Examples & Samples

  • Demonstrable expert knowledge in operational risk management, internal control, or internal audit preferably within a banking operations and / or IT Function
  • Proven project / process management experience with a solid delivery track record driving change
  • Strong communication and interpersonal skills to a wide range of individuals and groups and at different levels of seniority
  • Ability to drill down to root cause and write/review clearly articulated risk documentation
  • Self-starter and effective collaborator
  • Innovative and able to assess needs and propose solutions
  • Excellent time management skills
  • Ability to influence without direct management authority
  • Risk assessments and internal control monitoring
  • Proven experience of being a trusted friend
  • Local regulation knowledge
  • Project Mgmt and delivery skills
  • Understanding of particular risk in an environment: gpb-data privacy etc
20

IT Risk Manager Resume Examples & Samples

  • Research/gather information for the development/maintenance of global policies, including IT and acceptable use policies, and supporting documents
  • Work closely with policy stakeholders to develop and maintain policies that safeguard EY against the changing threat landscape
  • Interface with various stakeholders and functions to validate that policies are consistently implemented and reflected in their functions’ processes
  • Facilitate and participate in the policy review and approval processes
  • Contribute to IT policy awareness
  • Aggregate data from disparate sources into holistic risk picture
  • Present risk metrics and information in meaningful business terms
  • An in-depth understanding of ISO 27002, ISO 27001, ISO 31000 frameworks and applying these frameworks
  • A working knowledge of policy frameworks such as ISO, COBIT and unified compliance framework
  • Experience in developing and executing reporting strategies
  • General technical knowledge of operating systems, databases, networks, and mobile and cloud computing
  • Experience with MS SharePoint, including development and maintenance of SharePoint sites
  • Experience with RSA Archer
  • Experience in communicating to all levels of management, clients and vendors
  • Five or more years of experience in the Information Technology, Information Security and/or IT Risk Management field(s)
21

IT Risk Manager, Payments Resume Examples & Samples

  • Partner with product teams, compliance and operations to identify, define, and solidify an appropriate IT risk and controls framework for payments entities which includes identifying key controls, testing, and remediation
  • Conduct and/or coordinate risk assessments for technology, compliance, and security frameworks
  • Execute projects to close gaps
  • Translate legal requirements, internal policies, and best practices into controls
  • Facilitate multiple stakeholders to agree on appropriate solutions and verify that risks are mitigated appropriately. Verify that required compliance controls are baked into new products
  • Perform deep dives on compliance-related processes and systems
  • Stay abreast of innovative business and technology trends in payments governance, risk, and compliance and advise leadership on technology initiatives
  • Partner with product, technology and compliance teams to define and implement new compliance business requirements within supporting systems
  • 7+ years progressive experience in IT audit, information security, and/or privacy
  • Excellent leadership and communication skills (verbal and written)
  • Ability to collaborate with business partners in setting business goals and objectives
  • Knowledge of risk assessment methodologies, IT policies and standards, awareness, and training
  • Understanding of modern transaction processing environments is a plus
  • CISSP/CISA
22

IT Risk Manager Resume Examples & Samples

  • Risk Identification - Oversee, Manage, Report and provide Transparency on ITEC’s Risk Identification process including its Annual Risk Control Self Assessments (RCSA), and the Information Systems Security Program (ISSP), led by SAFE. The IT Risk manager shall also follow track and report on Risk identification efforts by Internal Audit and provide visibility on all audit points related to risk
  • Risk Measurement – Utilizing the methods defined by SAFE and the Enterprise Risk Committee, the IT Risk Manager shall be responsible for collection, analysis and dissemination of relevant data for measurement of risk, inclusive of outages (incidents, problems), outage time, outage resolution, , and operational financial losses
  • Risk Mitigation – SG has a comprehensive program to define is annual priorities for investment in Information Security. This role shall be responsible for liaising with the relevant actors, local and global, and applying its priorities specifically to the IT Americas area
23

IT Risk Manager Resume Examples & Samples

  • Assist in defining and documenting team roles and responsibilities
  • Assist in the development of management dashboard reporting to track progress of key deliverables as well as monitoring of key performance and risk indicators
  • Monitor and ensure “at risk” metrics or past due program deliverables are reported, escalated and plans developed to remediate issues
24

IT Risk Manager Resume Examples & Samples

  • Shares complex information related to areas of expertise
  • Develops and socializes Risk Strategy and Roadmap for Claim
  • Proposes and drives initiatives in support of risk strategy
  • Represents Claim at the Enterprise Risk Counsel
  • Identifies and Manages Risk for Claim
  • Tracks progress and measures level of risk on ongoing basis (Top 10 Risks)
  • Communicates Claim Risks at the Enterprise level advocating for solutions
  • Assist BISO in Security Incident Management by assessing and assigning risk level
  • Accountable for Access Validation Recertification (SailPoint campaigns) for all applications in scope
  • Accountable for maintenance of Disaster Recovery and Business Continuity plans for all of Claim
  • Accountable for the execution of the annual Entity Risk and Fraud Assessment (ERFA)
  • Accountable for metrics and reporting for the team
  • Technical Knowledge: A solid understanding of current technology capabilities, and a keen interest in staying abreast of emerging technology trends and opportunities. In-depth knowledge of Risk Framework and industry best practices around Risk Management. Solid understating of SDLC and supporting methodologies. Proficient user of RSA Archer
  • Business Knowledge: Working knowledge of the Property & Casualty insurance industry especially the key business drivers and risk factors
  • Communication: Effective written and verbal communication from technical team direction to senior management presentations and demonstrated an adaptive style for gaining the engagement, cooperation and commitment of others
  • Problem Solving and Decision Making: Demonstrates outstanding analytical and diagnostic skills when dealing with complex issues and uncertainty, and the ability to make sound decisions quickly while carefully evaluating risks and alternatives before taking action. Possesses strong negotiation and collaboration skills, and effectively consults and communicates with key stakeholders regarding critical decisions
25

IT Risk Manager Resume Examples & Samples

  • Own and administer client GRC system. Using this system, collect and track IT security risks
  • Own and operate the third-party risk management program, including collecting and reviewing information and artifacts from third-parties, analyzing risks, presenting findings to CELERITY business teams, and supporting negotiation of any necessary contract security provisions
  • Manage oversight of and promote timely remediation of IT security risks. Establish an effective approach to collaborating and communicating risk with business and technical stakeholders to ensure remediation milestones are met. Success requires an understanding of the processes used and challenges faced by those directly responsible for remediating risks, and the ability to effectively negotiate and collaborate with those teams to establish mutually acceptable timelines and then ensure milestones are met
  • Benchmark risk management practices of comparable organizations, monitor the legal and regulatory environment, and manage the CELERITY Risk Management program to appropriately incorporate best practices and relevant regulatory requirements
  • Work with business and technical stakeholders to facilitate IT risk analysis and risk management processes and identify and track acceptable levels of residual risks through appropriate risk acceptance processes
  • Analyze risks and generate metrics that drive management and minimization of overall portfolio risk. Report regularly on risk management status, trends, and opportunities for reducing risk. Supervise a small team of risk analysts
  • Bachelor's degree with a focus on IT or IT-risk-related disciplines (e.g. security, privacy, compliance); past financial services industry experience a plus
  • CRISC or a similar risk management certification is a plus
  • Solving problems through effective collaboration and development of effective working relationships across business and technical teams
  • Success as a persuasive negotiator, to reach consensus on differing views of risk and to facilitate commitment on remediation strategies, milestones, and risk acceptance where appropriate
  • A solid understanding of the nature of IT risks across multiple IT disciplines (e.g. systems and servers, desktops, network, software development, cloud, etc.)
  • The use of tools such as Excel to analyze and aggregate risk data
  • Strong written and verbal communication skills with the ability to communicate in a compelling manner with business and technical stakeholders in one-on-one as well as group presentations
  • A strong attention to detail; well organized and thorough
  • Successfully handling competing priorities
  • Excellent planning skills
  • Experience with the following is a strong plus: Managing compliance with FISMA, NIST SP800-53, PCI-DSS, and DOJ CJIS is a strong plus
  • Experience with RSAM
26

IT Risk Manager Resume Examples & Samples

  • Provide technical expertise and direction in the areas of internal controls evaluation for a variety of assessments (SOX, EU Privacy Shield, PCI-DSS, etc.) including all phases of planning, evaluation, documentation, testing and remediation
  • Accountable for the development and delivery of standards, best practices, policies, and oversight programs to ensure effective controls across the enterprise
  • Develop and establish IT risk reporting against established enterprise risk metrics
  • Manage and carry out varying security risk assessments, providing advisory support to business contacts on the evaluation of risks, development of risk responses, and work with stakeholders to define and implement process enhancements as needed
  • Oversee IT regulatory compliance programs, including SOX and Global Privacy
  • Communicate information security risk, compliance gaps and other security issues in a business context, translating technical risks into business risks
  • Liaisons with other internal departments as needed to ensure business continuity and disaster recovery plans are connected
  • Train and mentor staff as needed
  • Minimal travel as needed
  • Additional risk management activities as needed
  • Ability to define and communicate risk in business-relevant language
  • Proven experience building an IT Risk Management framework
  • Ability to be independent and self-directed
  • Ability to react to high pressure dynamic changing environments
  • Ability to train risk concepts to non-technical people
  • CRISC or CISA preferred
  • In depth knowledge of IT Risk Management practices
  • Broad knowledge in analyzing and applying information security, risk management, and privacy practices or policies
  • Strategy definition or program management experience preferred
  • Threat, vulnerability, and risk assessment experience
  • Successful history working with auditors
  • Knowledge of national and international regulatory compliances and frameworks such as SOX, EU Privacy Shield, and PCI DSS
  • 10+ years of experience in IT roles, including interactions with senior leadership
  • 5+ years of experience leading IT risk management
27

VP IT Risk Manager Resume Examples & Samples

  • The implementation of an efficient IT Risk Management framework within his entity in charge of IT activity whose components are declined from the Level 2 procedure ‘Risk ORC / ORC IT Risk Measurement and Management – Risk ORC / ORC IT Missions and Responsibilities’ and from the Level 2 procedure ‘Oversight of Risk ORC / ORC IT organization and Governance’. The management of IT risk operationally by assessing and treating appropriately the risks
  • Creation and Maintenance of new policies and procedures, enhance the existing policies, procedures and IT Risk requirements (structure/program) as needed
  • Ensuring existence of the appropriate IT organization structure in forecast/ESOP
  • The follow-up (and production of regular reporting) of Métier/Region IT recommendations implementation (e.g. IG/Regulator/External/Permanent Control actions/Independent consultant) including the reminder to the implementation manager and the escalation at Métier/Region level in order to meet the Group objectives
  • Investigate and record Historical and Potential IT Incidents. Ensuring the proper collection and analysis of IT historical incidents and the validation of Métier/Region IT incidents before the input in the dedicated Group system, based on CIB standardized criteria
  • Contribute to the definition and follow-up of associated action plans in addition to regular reporting
  • Coordinate the bi-annual input of the CIB standard IT OPC control plan results and the main points of attention related to the IT activity processes for the Function/Métier/Region in a Permanent control report
  • Centralize and consolidate all information related to IT domains including those that are not directly under his direct responsibility. Validate the report with the IT Métier/Region management
  • Organize Function/Métier/Region IT risk committee at least twice a year (according to Risk procedures)
  • Identify Métier/Region IT risks perform the follow-up of those IT risks in CIB Archer, ensure that the analysis and evaluation of the underlying risks (via the mapping and analysis of historical incidents have an IT cause). Manage IT risk by assessing and appropriately treating the risks
  • Contribute to the quantification of IT Métier/Region potential incidents (for AMA entities)
  • Coordinate all IT permanent control actions for the Métier/Region to ensure a complete and efficient IT Risk Management Framework
  • Bachelor’s degree in Computer Science. MBA preferred
  • Professional certifications CRISC, CISA, CISSP, CISM, CGEIT or CIA preferred
  • Minimum of 7 to 9 years of related experience in IT Audit, Information Technology Risk and Control, Information Security, Information Technology, Governance of Information Technology, or a related field
  • Experience in developing processes, implementing controls, writing or working with information security and technology policies or procedures and liaising with IT and Business personnel (at all levels)
  • Strong communication skills, both verbal and written, diligent, detailed oriented, proactive
  • Experience with Archer system; or a similar Governance, Risk and Compliance Tool (GRC Tool)
28

IT Risk Manager Resume Examples & Samples

  • Bachelor’s degree in Computer Science is mandatory. MBA preferred
  • Minimum of 7 to 9 years of related experience in IT Audit, Information Technology Risk and Control, Information Security, Information Technology, Governance of Information Technology, or a related field is mandatory
  • Experience in developing processes, implementing controls, writing or working with information security and technology policies or procedures and liaising with IT and Business personnel (at all levels) is mandatory
  • Familiarity with COBIT, ITIL, FFIEC, ISO/IEC 27001, ISO/IEC 9001, ISO/IEC 20000, SEC, SOX, GLBA, FINRA, Dodd-Frank and other related control frameworks or legislation and regulatory sources is a plus
  • Strong communication skills, both verbal and written, diligent, detailed oriented, proactive mandatory
  • Good organizational skills, project management and ability to manage multiple tasks simultaneously
  • Ability to work effectively, independently and within teams, to achieve management objectives
  • Proactive and eager to take on new tasks and challenges,
  • Ability to identify and propose opportunities for process (and control) improvements
  • Ability to lead meetings and forward discussions, carry out day-to-day operational work while thinking and planning both tactically and strategically
  • Demonstrates Persistence, poise and perseverance and able to complete deliverable, accomplish goals and objective under pressure and within set timelines
  • Proficient in MS Office (specifically Excel, PowerPoint, Word), VISIO, SharePoint,
29

Risk-it Risk Manager Resume Examples & Samples

  • Assisting in the implementation and operationalization of the IT Risk function through delivery of key initiatives and the establishment of the APAC operating model
  • Analyse regulatory, audit and 3LoD program requirements to structure a control framework for IT Risks in scope
  • Completing implementation activities ranging from CTB to RTB programs, working with colleagues in core COO Technology, CISO and GIRM and CDO. This will range from
  • Minimum of 5 years of related experience, preferably in financial or consultancy firm
  • Must be able to work effectively in English and Mandarin (both written and spoken)
30

Senior IT Risk Manager Resume Examples & Samples

  • Develop and maintain an IT Risk Program to identify, manage, and control IT risks within the business enterprise
  • Design and perform IT risk assessments on concepts, solutions, products, services or processes
  • Identify appropriate information security requirements and controls based on current and future risks, policies and architecture
  • Design and maintain an IT Risk Register for the enterprise
  • Develop a third-party assurance program for the organization and ensure third-parties meet acceptable information security and compliance standards
  • Review and negotiate third-party contracts for information security, compliance and data protection measures
  • Responsible for the successful implementation and maintenance of IT Compliance programs, such as SOX, PCI, and data protection
  • Provide consultation and advisement to the business and project leads around data protection, risk management, compliance initiatives, information security and IT risks
  • Facilitate assessment of and compliance with information security regulatory and legal requirements
  • Develop key Information Security, Risk and Compliance reporting metrics to ensure progress on these programs is managed and understood by leadership
  • Lead small-medium security projects and implementations
  • Performance of other duties and responsibilities as assigned
  • 5-7 years Information Security, IT General Controls, Compliance, IT audit and/or Security Risk Management
  • 3 years leadership experience, including consensus building, and ability to effectively work with cross-functional teams and resources to address competing priorities
  • Experience with internal project consulting to provide security requirements and guidance
  • Demonstrated experience with regulatory and legal requirements (e.g., PCI, SOX, HIPAA etc. requirements)
  • Knowledge of security & risk frameworks, standards and best practices (i.e. PCI, ISO, ITGC, COBIT, COSO, CMM)
  • Strong communication, documentation, presentation and facilitation skills
  • Strong project management skills, analytical skills and attention to detail
  • Ability to translate a business agenda into technology terms
  • Strong knowledge in Process Improvement
31

AVP, IT Risk Manager Resume Examples & Samples

  • Bachelor's Degree in Business or Technology area or equivalent experience
  • 5+ years in IT Infrastructure, Development or Production Audit Services
  • Industry certifications such as Certified Information Systems Auditor (CISA) and Certified Information Systems Security Professional (CISSP) -- a plus
  • Demonstrated use of data analysis software, audit management software and continuous audit solutions
  • Ability to establish credibility and working relationships with a wide range of corporate personnel, including operations, management, executive and legal staff, as well as with external personnel, including external auditors and regulators
  • Proven IT leadership and staff development skills in a regulated industry
  • General knowledge of data center operations, telecommunications, network engineering, data center applications, client/server computing, and production operations support
  • General knowledge of business theory, business processes, management, budgeting and business office operations
  • Demonstrated expertise in project management
  • Proven experience in writing audit reports for different audiences -- the audit committee, CIO, CTO, C-suite members and auditee teams
  • Proven experience of working in technology environments, including information security, encryption methods, privacy-based solutions, and solutions for backup and recovery
  • Extensive experience in risk-based audits
32

IT Risk Manager Resume Examples & Samples

  • IT Risk and CyberSecurity
  • IT Regulatory Compliance
  • External IT Audit support
  • Graduate preferred with a Bachelor’s degree in Technology or Engineering
  • In depth experience of IT Infrastructure and systems security
  • Sound understanding of IT Systems Audit and controls
  • Strong project management background (PMI certification preferred)
  • CRISC (Certified Risk and Information Systems control) certification preferred
  • Certification or hands-on experience in Microsoft Productivity tools and platforms (AD, Exchange, Azure equivalents)
  • Keeps up to date with Information Security current affairs relating to information security, business continuity, data management, security and encryption, vulnerability analysis and audit