Senior Risk and Control Officer
This individual must provide proven information risk analysis and remediation, audit management, and program/project management skills. The Senior Risk and Control Officer must be able to review information risk gaps, provide adequate business solutions, and effectively manage and drive the mitigation of risks within the AM business.
Qualifications:
College Degree or Equivalent financial services work experience. 7 years experience. 10+ preferred. Fluency in English. Certified in Risk and Information Systems Control (CRISC) and/or Certified Information Security Manager (CISM) are preferred.
Ideal candidates will have taken the lead in assisting the business with the development of solutions to manage the risks. Technology background can assist with the development of possible solutions.
Seeking someone who may have worked in technology early to mid career, but whose last few roles have been in information risk (e.g., risk assessment of business applications, Business advice and guidance for information risk solutions). Trying to avoid former auditors, as while these individuals test controls, most do not develop solutions because this is outside of an auditor's role to remain impartial to the risk mitigation. The more time spent in audit, the more this tends to be the case.
The potential candidate will not be installing hardware, developing applications, or writing code (e.g., SAML, J2EE, XML, Java/Javascript, AJAX, Delphi) nor will they be trying to put these forward as strengths. The potential candidate will be emphasizing their ability to determine risks, assist the business with developing options, and working between business and IT to develop solutions.
Leave a Reply
You must be logged in to post a comment.