Specialist, Technology Risk & Info Sec

$125,000 - $145,000 yearly
  • The Resume Review - Recruiting Department
  • Chicago, IL, USA
  • Sep 14, 2021
Full time Business Development

Job Description

•    Act as a liaison between Corporate Information Security and Technology Risk Management to manage internal audit activity, track audit issues and aggregate findings against the IT control framework 
•    Assist the Technology Governance, Risk & Compliance function in maturing the Information Security and Technology Risk Management organization through standardized risk assessment frameworks  
•    Engage with the First Line of Defense to establish a robust technology risk and control framework, and ensure proper alignment to relevant industry frameworks (COBIT, ISO, NIST, etc.). 
•    Assist in maturing the first line of defense function across this company by establishing requirements for monitoring IT controls across the organization.   
•    Collaborate with the 1st LoD to effectively adapt the process, risk and control framework, map organizational controls, and establish accountability and ownership for IT risk management and control activities.
•    Assist in the validation of IT control alignment to various industry standards, frameworks and requirements (e.g., NIST, COBIT, PCI)
•    Assist in Information Security and Technology Risk Management governance activities including coordinating monthly risk committee meetings with senior management from IT, Risk and Business Units. 
•    Act as a committee operations SME and manage the Internet Banking Council, Information Technology Risk Committee(s), interaction and representation with the Information Technology Oversight Committee, and other committee work as assigned, including note taking, meeting agendas, scheduling, etc.
•    Perform gap assessments and testing for Standards compliance in conjunction with the 1st LoD

Qualifications:
•    5+ years' experience in a global financial organization/industry
•    Experience in IT Audit or IT governance
•    Knowledge of: GDPR, PCI, CCPA
•    CISSP, CISM, CISA or equivalent certification preferred
•    Working with Regulators