Position Applying For: IT Risk Manager Director

Join & Explore The Possibilities at BuzzClan

  • IT Risk Manager Director | USA-NY-New York | 14-APR-21
    Title – Director ITRM consulting services (Band 3) IT Risk Management Director
    Location – New York
    Experience – Minimum of 12-14 years (in Risk consulting with specific and deep focus on Technology Risk)
    Education and additional certifications: B.Tech with MS or MBA (IT), or CA with CISA, CISSP, CISM
    Plus Cisco certification, OSCP, CEH, CRISC, SIEM, etc. (we can go really granular here, but these would be desired)
    Core banking solutions, COSO, COBIT, data analytics or audit analytics
    
    Pedigree: Big 4 firms or global specialty risk consulting firms (Protiviti, Kroll), in an experienced SM or Director role
     
    Specific domain experience: We can broadly classify the ITRM solutions and experiences into the following competencies. We should aim at a “general expert” who has deep specialization in at least two of these competency clusters and is “aware” of the rest of the solutions.
    1. IT Risk management and compliance: IT SOX, IT-IA, ITRM framework design, IT controls review (plus specific experience in IT compliance areas such as HITRUST, HIPAA, PCI-DSS or data privacy regulations)
    2. Enterprise applications and controllership: Deep experience in enterprise applications (core banking, SAP, Oracle, treasury), pre- and post-implementation audits, interface controls, SOD, access controls, SOX testing
    3. IT Security/Cyber: Cyber security framework design/review, cyber defense strategy, conducting various types of cyber audits and security assessments (e.g. VA/PT) across the technology stack, threat modelling, SOC reviews, Red team. Experience in some specific technology like cryptography, DLP, IAM, etc.
    4. Others: TPRM infosec programs and audits, BCP and DR advisory and reviews, SAM
    5. Digital: Experience in RPA, ML, AI, etc. and its risk management (desirable, but any exposure to live projects and training will be an advantage)
     
    Industry: Preferably non-Financial Services
    Reporting: Dual reporting – functionally to ITRM Leader and also a US area ERC partner
    Attributes: Someone who wants to switch sole focus from delivery and change gears into solution marketing (hence not a sales and BD guy, but someone who has a Sales and BD orientation with past solution design and delivery). He/She is also expected to mine select large accounts and a selected set of senior client stakeholders. He/She should be able to work with CSP, GRMs to open doors, and hold specific solution conversations himself/herself or leverage other ITRM team members and solution leaders. Travels and builds pipeline for US.
    Market relationships: Should be able to open doors with his/her existing relationships with Controller, IT Controller, IT Compliance and risk leaders, CISO, CIO and CROs, and Head of IT Audit. This will be an added advantage, but not absolutely mandatory.
