Information Risk Management Lead Job in Jersey City, New Jersey US
Information Risk Management Lead
Position is for an Information Security IT Risk Analyst supporting the Mortgage business. Position requires a strong hands-on individual to support day to day Technology Control reviews and IT Risk Management across the businesses.Responsibilities will include performing end-to-end application security reviews, Information Risk Management guidance on projects, completion of technology risk management activities associated with the Application Security Assessment program, monitoring/validation of open ITRM or IT audit issues through remediation, control identification, and risk awareness training. Key Responsibilities: - Provide Information Risk Manager Support for the loan servicing business. Engage application development and project management processes to ensure risk management remains incorporated in those processes and activities, interfacing with the business and central technology groups. - Application security reviews across production and non-production environments - Coordination of Application Security Assessment (ASA) activities with Application Development Managers and Information Owners. - Perform and assist in application risk activities including risk assessments, audit remediation and security testing. - Perform Risk Assessment training when required for business units and Development Groups. - Assist AD Managers in the PIRA and PSES exception processes. - Provide guidance to LOB when engaging new vendors to ensure they engage the third party oversight group to perform appropriate reviews. Provide guidance as to specific scope requirements as needed. - Liaison with audit-related organizations (e.g., Audit, GAD, external auditors) in audits and other external assessments. Track remediation progress for issues discovered during IT audits. - Perform pre-deployment and post production security reviews and control self-assessments