Senior Control Management Specialist

Senior Control Management Specialist

Mandate Skill: Risk Assessment, IT / Infor Sec Risk Management exp, Communication & Risk certification - CISA, CRISC, CISM

In this role, you will:

- Participate in identifying, assessing, managing, and mitigating current and emerging risk exposures within Control Management functional area for the targeted Technology Division.

- Provide risk management consulting to support the business in designing and implementing risk mitigation strategies, business processes, and business controls.

- Perform Control design and governance activities for Technology processes and on high-risk initiatives and partner with stakeholders to develop and implement control improvements to mature the technology risk and control framework across Technology and the firm.

- Monitor moderately complex business specific programs and provide risk management consulting to support the business in designing and implementing risk mitigation strategies.

- Understand and define KRI's, track and prepare monthly reports to present the status to business leaders with appropriate remediating action if any required.

- Ability to analyze problem incidents and root causes to identify structural issues and present to business for remediation.

- Monitor, measure, evaluate, and report on the impact of decisions and controls to the relevant business group or functional area.

- Collaborate with relevant business group to identify current and emerging risks associated with business activities and operations.

- Partner with Second and third line of defense to inform, educate, and collaborate.

Required Qualifications:

- 6+ years of experience in Risk Management, Control Management, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education.

- Bachelor's Degree or equivalent; regulatory experience is a plus.

- Ability to develop, design and write technology controls aiming to reduce risk.

- Good understanding of the IT Security architecture , IT/IS controls.

- Understanding on COBIT, NIST, Regulations etc.

- Have understanding of Business Continuity and Disaster Recovery.

- Strong risk and control fundamentals, knowledge of frameworks and methodologies, common implementation challenges.

- Experience in evaluating the adequacy and effectiveness of policies, procedures and controls.

- Experience in assessing risk, writing issues, and developing appropriate corrective actions.

- Demonstrated experience with both strategic and tactical approaches to risk management.

- Professional certifications such as CSCP, CRCM, CGEIT, CRISC, CITP, CISA, CISSP, CIA a plus.

- Analyzing current risks in IT processes and identifying potential controls that can handle those risks.

- Development and/or evaluation of technology governance programs, policies, standards and procedures.

- Ability to interact with all levels of an organization.

- Strong communications skills both written and oral; able to broker agreements amongst diverse, differing, competing, and/or conflicting perspectives/priorities.