Monday, October 3, 2011

Information Risk Manager - Boston, MA

Permanent Position in Boston
New division of a financial services firm - focused on Emerging Technologies

Job Summary

The Information Risk Manager (IRM) works with business unit staff to identify and prioritize risk components, understanding and reporting on the overall risk posture of the business. The IRM also ensures IT Control Policies are followed within the line of business and monitors action plans that are developed and executed to address any non-compliance with policy requirements. The role is responsible for three principal activities: risk awareness, advisory and compliance.


Job Responsibilities & Requirements

Specific responsibilities include but are not limited to:

-Identify, synthesize, and communicate the information risks and associated controls for assigned business units. Analyze risks to understand trends within a business unit.
-Joint accountability with the business unit to address identified risks
-Regularly report information risk metrics to business unit management
-Communicate technology-related policies and standards and how they should be applied within the business units to ensure risk is managed to an acceptable level and compliance is achieved where it represents a significant risk to the business.
-Collaborate with Information Risk Consultants to proactively identify potential risk exposures within new technology solutions being designed and implemented, and partner with application development teams and Core Information Risk Services groups to implement appropriate solutions to mitigate exposure.
-Ensure various risk analysis assignments, including application assessments, due diligence reviews, and vendor reviews are completed, reviewed, and analyzed in a timely manner.
-Identify areas of unmanaged information risk within the current environment and institute the appropriate controls to mitigate exposure.

Customer Facing Program and Business Initiatives:
-Support customer information risk reviews, including self assessments
-Support the customer-facing associates to respond quickly and consistently to inquiries on topics such as RFPs, Information Security, SAS 70, and Internal Controls.

Proactive Risk Analysis:
-Support end-to-end information risk analysis of business process, application portfolio, and computing environment.
-Support end-to-end compliance reviews and where risks cannot be appropriately mitigated, assist in preparation and execution of the Risk Acceptance process, describing the level of risk, areas of non-compliance, and identification of mitigating controls.
-Identify control deficiency trends and work with Core Information Risk Services to develop and implement solutions.

Core operations, Information Security, Training & Awareness, Governance:
-Active engagement with Information Risk Consultant to ensure that IT risks are identified and addressed, and appropriate controls are incorporated into architectures and systems design.
-Document all risk reviews and provide management summary.
-Ensure all corrective actions are recorded in the corporate repository.

Minimum Requirements:
-Experience with industry standard Information Technology Control Policies and Standards frameworks
-Ability to manage by influence and establish effective working relationships with all levels of management
-Effectively resolves conflicts between individual needs and requirements of the organization
-Demonstrates a strong ability to identify, analyze, and solve problems
-Able to communicate complex information in user-friendly terms
-Excellent oral and written communication skills
-3-5 years technology background with significant exposure to Information Risk, Information Security, or Audit.
-CISSP or CISA qualified or relevant experience
-Strong communication, relationship building and presentation skills

Please contact Albert Barsoumian with qualified resumes via email at albertb@avidtr.com or via phone at 617-951-1893.