Tuesday, November 01, 2016

Director Application Risk Assessments AIG Houston

Job Description:
We are seeking a talented, highly motivated individual committed to building a high performing team in a global environment. This candidate will initially be a key participant in developing the application risk assessment program for managing information security and technology risks.  The ideal candidate is an integrator of people and processes, an innovative leader, a problem solver, an effective consultant, and possesses solid domain competency in the field of IT operations, service support or application development with demonstrated management experience.
Position Summary
The Head IT Risk Assessments is responsible for maintaining and advancing the company’s enterprise-wide information security risk management program to ensure that information assets are adequately protected. The individual will work directly with regional application owners, IT risk leads, IT project and technology leads, and other Technology Risk Office leaders to establish and facilitate application risk assessment processes and provide excellent customer service.

• Direct a team of Assessors managing application risk assessments, including coordinating with other security services for execution, performing QC of work product, handling issues, and providing advisory support.
• Participate and coordinate team members to ensure coverage and schedules for assessments are maintained and executed enterprise-wide.
• Develop working relationships with the Application Inventory management groups to ensure integrated processes support quality of risk-rated application inventories. Develop relationships with the management of partner teams performing the supporting security scans or testing, and with the management of assessment teams within the division.
• Develop and manage the program within business-relevant metrics, measuring the efficiency and effectiveness of the application risk assessment program, forecasting appropriate resource allocation and increasing the maturity of the program.
• Provide subject matter expertise, guidance and support to assessment teams on a broad range of application risk best practices to ensure the program is operating in compliance with applicable laws, regulations, contractual requirements, and policies to minimize or eliminate risk and address audit findings.
• Perform application risk assessments, reviews, and approvals and other tasks to support the team as needed.


Position Requirements:
Experience and certifications:
• Bachelor’s degree, or 10 years' experience in an information technology, security or risk management role
• Professional certification such as ITIL, CISSP, CRISC or CISM is preferred
• Management experience and experience in developing programs and running IT operations, service support and/or application development required.
• Strong ability to develop, lead and manage a professional staff.

Performance Attributes and Skills Needed for Success:
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
• Must be a critical thinker with strong problem-solving skills and ability to deal with ambiguity.
• Up-to-date knowledge of technological trends and developments in the area of information security and risk management.
• Project management skills, including scheduling and resource management
• Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals.