Information Risk Management Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the information risk management job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits each job you apply for

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Laverne Mohr
351 Hansen Inlet, Philadelphia, PA
Phone: +1 (555) 445 1295
Experience

Information Risk Management
Gleason, Grimes and Lind, San Francisco, CA
  • Provides senior level leadership to subordinates including assigning and managing work, monitoring performance, and conducting performance appraisals
  • Work across all areas in OPE risk management to establish and expand Information Risk Management (IRM) coverage of risks
  • KPIs and benchmarking: assist with developing, implementing, monitoring, and reporting departmental performance metrics (to drive continuous improvement)
  • Supports management in matters related to their team field of expertise and works independently to execute
  • Manages a small team of information risk management metric, analytics, reporting, and issue management subject matter experts
  • People Management Responsibilities (provided in conjunction with the Governance & Framework Director)
  • Identifies, recruits, and manages a team of general technology and cyber-security risk management experts for infrastructure management related processes
Information Risk Management, Process
Dach-Johnson, New York, NY
  • Assists in the development of the IRM control inventory, specifically for controls related to technology infrastructure management
  • Assists in the development of policies and standards related to technology infrastructure management processes
  • Assists in the development of the IRM control inventory, specifically for controls that are related to 3rd party serviced technology infrastructure management
  • Assists in the development of the information risk controls inventory, specifically for controls that apply to application development
  • Assists in the development of policies and standards for application development
  • Establishes and maintains a centralized tracking of risk control issues and remediation activities for technology infrastructure management
  • Performs independent information risk assessments on application development processes and practices
Information Risk Management, Infrastructure
Smitham-Balistreri, New York, NY
present
  • Stakeholder management and working across various parts of the organization
  • Performs independent review and challenge of front line unit cyber related RCSA outputs for technology infrastructure
  • Communicates information risk matters to senior management
  • Performs independent review and challenge of the front line unit cyber security assessments and remediation plans on technology infrastructure
  • Performs independent review and challenge of front line unit RCSA outputs for technology infrastructure
  • Performs independent review and challenge of the front line unit risk assessments on technology infrastructure
  • Knowledge of current industry trends in information risk management
Education
Bachelor’s Degree in Computer Science
University of Arizona
Skills
  • Strong MS Office skills along with strong verbal and written communication skills
  • We are a financially strong and stable bank
  • Able to be a subject matter expert on the information risk issue management process
  • Able to be a leader across the organization, a valued partner, and subject matter expert on information risk management and IT project delivery
  • Able to assist in communicating related policies, procedures, and guidelines
  • Able to enforce and communicate related policies, procedures, and guidelines
  • Able to influence and collaborate well with internal and external stakeholders
  • We are committed to the training and development of our employees
  • Innovative vacation benefits
  • We offer a matching 401k, a Retirement Plan, a variety of Flexible Health Benefits

13 Information Risk Management resume templates

1

Manager, Information Risk Management Resume Examples & Samples

  • Create and implement “best practice methodologies” to be leveraged by Time Warner Inc. and its Affiliates as related to information risk management
  • Lead GIS efforts regarding Vendor Risk Management
  • Assist with Safe Harbor IT Controls Assessments for Time Warner Inc. and Enterprise Infrastructure Services
  • Maintain Time Warner Corporate’s Data Loss Prevention and Privacy Assessment programs
  • Create and provide Information Risk Management training and awareness
  • Bachelor’s or Master’s Degree in Computer Science, Information Systems, Information Security or equivalent
  • Minimum 5-7 years in Information Security and/or IT Risk Management
  • CISSP, CISM, or CRISC
  • CIPP preferred
  • Superior problem solving and analytical skills
  • Ability to simultaneously handle multiple high priority projects and priorities with a high degree of professionalism and client service orientation
  • Excellent interpersonal and leadership skills
2

Information Risk Management Resume Examples & Samples

  • Serve as a Subject Matter Expert for Role-Based Access Controls
  • Integrate Risk strategies into I&AM control tools
  • Manage and support role-based controls to ensure appropriate access
  • Analyze and take action to maintain application compliance
  • Support Risk Management and Support Teams with timely data analysis and reporting
  • Review Windows Active Directory and Unix requests for risk compliance
  • Basic SQL query development expertise
  • Knowledge of technology risk management and industry best practices
  • Strong written and verbal presentation skills to a wide audience across the organization
  • CRISC, CISSP, or CISM/CISA certifications a plus
3

Information Risk Management Associate Resume Examples & Samples

  • Identify and assist in the management of IT risk issues including the identification of risks and assistance in the development of processes and controls to help mitigate the identified risks
  • Assists the business and IT in conducting IT Risk assessments related to infrastructure, platforms, and applications in accordance with the company’s Information Risk Management methodology
  • Assist with the interpretation of corporate, local, and applicable regulatory Policies, Procedures and Controls
  • Assists IT and the business in vendor and application risk assessments and provide guidance in the development of solutions to help address identified issues
  • Assist in the development, tracking and validation of metrics and measurements in order to identify weaknesses in controls
  • Provide functional and analytical support of GRC tools
  • Requires 3-5 years in Information Technology Risk Management
  • Knowledge of standards and frameworks in any of these areas: ISO 27001, ISO9001, NIST, COBIT, FFIEC, ITIL and technology best practices
  • Experience with internal controls, risk assessment strategies, audit techniques, and project management
  • Understanding of technology related control development and gap analysis processes
  • Proven analytical, problem solving and troubleshooting skills
  • Strong team player who works well with peers and leaders alike with a desire to contribute positive change
  • Experience with Information Technology risk assessments; audits; & regulatory compliance
  • Experience with GRC tools
  • Understanding of various technologies and ability to discuss risks and compliance within the technology departments such as: operating systems, networking, security operations, internet services, databases, messaging, PC services
  • Proficient in the MS Office products, Adobe Acrobat, SharePoint
4

VP Information Risk Management Resume Examples & Samples

  • Execute and at times manage execution of audit work
  • Contribute to maintenance and risk assessment of the audit universe and audit coverage strategy
  • Perform continuous monitoring of relevant areas in technology infrastructure, data management, operational resilience, or information security
  • Monitor, follow-up on and assess the resolution of audit issues
  • Contribute to the audit opinion
  • Contribute to evaluating the enterprise risk framework, policies and standards
  • Contribute to evaluating the management control approach and control environment of relevant business areas
  • Manage the audit coverage for an assigned section of the team portfolio, including proposing an audit plan, scoping audits, managing ongoing monitoring, and maintaining the BIA view of the control environment and management control approach for your area
  • Scope audit assignments including preparation of the scoping document
  • Manage audit work to ensure that relevant risks and controls have been identified and appropriately assessed
  • Review and direct control evaluation (and perform evaluation when appropriate)
  • Review and complete documentation of scoping, process understanding, risk & control identification, control evaluation and observations in BIA audit toolkit
  • Challenge others where appropriate, if you believe yourself to be correct
  • Makes decisions on a broad range of factors, with Barclays values at heart
  • Write high quality observations and audit reports (with input from the audit team)
  • Manage audit teams on a day to day basis, working to ensure that audits progress as planned, as regards scope, budget and timetable
  • Support management in identifying resolutions for control issues identified
  • Continue to update awareness of risk issues and changes across relevant business units and use this knowledge to amend audit approach where necessary
  • Provide complete, accurate and timely information to clients for BIA reporting
  • Proactively contribute to the day to day running and continuous improvement within the infrastructure and information security audit teams
  • Proven experience in risk based auditing or risk/control activities within information risk management, including logical access management, information handling, data leakage prevention, incident management and response
  • Broad experience demonstrating capability in risk assessment of technology control environments
  • Practical understanding of relevant regulatory environments
  • Management of audits, including audit planning and delivery, across multiple locations
  • Ability to engage and build relationships with senior client management
  • Experience of leading and developing individuals/teams
  • Proven track record of high performance in previous roles
  • Relevant professional qualifications (e.g. CISA, CISM, CISSP, or other relevant technical qualification; and graduate degree)
  • Financial services industry knowledge, in particular relating to technology infrastructure, Data Management, Information Security or Operational Resilience
5

Information Risk Management Manager Resume Examples & Samples

  • Whether in one country or worldwide. With a strong Forensics presence in more than 40 countries, our strategic threat management approach enables us to work with international clients to anticipate, manage, and respond to threats, while also helping clients become "threat-smart."
  • Best practices for developing and implementing effective enterprise information risk management (IRM) programs for Fortune 500 companies
  • Leading records management and e-discovery technologies
  • Supervising teams to create an atmosphere of trust; seeking diverse views to encourage improvement and innovation; and coaching staff including providing timely meaningful written and verbal feedback
  • Drafting information management strategies and/or roadmaps
  • Developing information risk management policies and procedures, including records management, e-discovery readiness, privacy, and/or security components
  • Creating retention schedules
  • Creating and applying taxonomies and/or classification scheme in an electronic environment
  • Developing and rolling out communications and training
  • Monitoring and auditing the records management function
  • Evaluating and selecting electronic records management (ERM) vendors and project managing the implementation of ERM systems
  • Implementing strategies to archive structured and/or unstructured data, including email
  • Developing and implementing eDiscovery response plans; and
  • Evaluating and selecting e-discovery technology tools, including identification and collection, searching and culling, early case assessment, processing and production tools
6

Information Risk Management Resume Examples & Samples

  • Manage calendars: schedule appointments, meetings, recurring meetings, and other events; book conference rooms and other venues (e.g. restaurants); arrange building access and greet guests; print meeting materials as needed / requested; maintain “time out of office” (e.g. scheduled vacations, working remote) calendar for the 3 executives
  • Manage phones: answer phones, take messages, screen and prioritize calls
  • Travel and expense management: make travel arrangements (e.g. air, car service, hotel, etc.) using company travel provider / site, prepare itineraries, complete and submit expense reports using company expense management site; ensure team staff visiting from other locations have building access and space / seats
  • New hire (permanent and consultant) onboarding: provide assistance as needed with requesting space, equipment, software, phone, system access, remote access, badges, etc.; ensure new hires are fully onboarded and “live” and provide assistance with navigating company systems / key sites
  • Office supplies: order and maintain office supplies for senior executives and their teams
  • Clerical assistance: assist senior executives as requested; may include accessing and printing system generated reports (staff training, staff vacation, staff absence, etc.), assisting with PowerPoint presentations, updating routine files and forms (e.g. org charts)
  • Provide additional support as requested
  • Excellent organizational and interpersonal skills as well as problem solving, negotiation, and follow-up skills
  • Ability to organize and multi-task
  • Strong Microsoft Word, Excel, PowerPoint, and Outlook skills
  • 3 to 5 years of related experience
7

Information Risk Management Resume Examples & Samples

  • Aware / has a good understanding of control and risk management concepts
  • Good knowledge of security systems and applications
  • Understanding of relevant information risk management regulations and best practices is a plus
  • Able to assist in communicating related policies, procedures, and guidelines
8

Information Risk Management Resume Examples & Samples

  • Ensures IRM Line 2 program is appropriately implemented and followed across IRM
  • Conducts independent reviews of second line unit activities
  • Monitors the maturity of the program through a number of activities, including but not limited to: key performance indicators, adherence to service level agreements, adherence to IRM policies and standards and Line 2 procedures, and quality of documentation
  • Demonstrates excellent knowledge of business management and strategic planning concepts
  • Stakeholder management and working across various parts of the organization
  • Bachelor's degree or equivalent work experience required
  • At least one security certification is preferred, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP)
  • 5 + years of related experience
  • Knowledge of quality assessment methodologies and tools
  • Proven knowledge of Information Risk Management frameworks, policies, tools
  • Able to influence and collaborate well with internal and external stakeholders
  • Able to be a subject matter expert on quality concepts, practices, and tools
9

Information Risk Management Resume Examples & Samples

  • Collaborates with other subject matter experts to determine and communicate the business impact of changes to information risk policy and standards
  • Primary point of contact on information risk standards for their specific area of expertise
  • Provides knowledge of current industry trends to improve controls across the firm
  • Works across groups to communicate information risk matters effectively to senior business management
  • Drives and supports the development of strategic program elements and provides input to risk prioritization, including the development and implementation of key metrics (KRIs, KPIs)
  • Provides advice and guidance on information risk matters involving legal or regulatory matters; escalates to management where necessary
  • Drives and supports the development of information risk strategic program elements creating business value and helping to streamline technology development
  • Reviews internal and external IT projects and applications for risk issues and ensures adherence to security policies, industry best practices, and security controls
  • Bachelor's Degree or equivalent work experience required
  • 1 or more of GSEC, CISSP, CISM, CISA, CRISC, CGEIT preferred, but not required
  • Excellent knowledge of security systems and applications
  • Ensures application risk assessments are performed in line with policy requirements
  • Facilitates reviews, identifies and documents any resulting breaks requiring remediation
  • May be a leadership role on internal teams to deploy information risk protection technologies and to make product recommendations for future release
  • Awareness and understanding of risk management, compliance, information protection, regulatory concepts, and requirements
  • Excellent knowledge of security systems and applications and be able to assist in communicating related policies, procedures, and guidelines
  • Knowledge of the financial services industry and its regulations / laws is required
  • Thorough understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business is required
  • Understanding of industry best practices (e.g., NIST, ISO, COBIT, OWASP, ITIL)
10

Information Risk Management, Infrastructure Resume Examples & Samples

  • Defines criteria, tools, and methodologies for identifying, assessing, and monitoring the cyber security risk associated with technology infrastructure
  • Assesses compliance to cyber security policies and standards related to technology infrastructure
  • Defines testing processes for cyber security risks associated with technology infrastructure
  • Conducts cyber security assessments on technology infrastructure
  • Performs independent review and challenge of the front line unit cyber security assessments and remediation plans on technology infrastructure
  • Maintains oversight of the front line unit remediation efforts for cyber security exposures, gaps, and deficiencies on technology infrastructure
  • Performs independent review and challenge of front line unit cyber related RCSA outputs for technology infrastructure
  • Manages and conducts independent risk assessments, vulnerability scans, and penetration testing results conducted on technology infrastructure
  • 5 + years of related experience
  • Subject matter expertise in conducting and designing cyber security risk assessments for technology infrastructure
  • Understanding of respective industry best practices (e.g., NIST, ISO, COBIT, OWASP, ITIL)
  • Strong MS Office skills along with strong verbal and written communication skills
  • Able to be a subject matter expert on assessing the maturity of cyber security practices for infrastructure
11

Information Risk Management Resume Examples & Samples

  • Defines criteria, tools, and methodologies for identifying, assessing, and monitoring the risks associated with applications
  • Assists in the development of the IRM control inventory, specifically for controls related to applications
  • Works closely with the Governance team to help define appropriate policies and standards relevant to applications
  • Assesses compliance to cyber policies and standards related to applications
  • Performs independent review and challenge of the front line unit risk assessments and control testing for applications
  • Reviews risk mitigation strategies and tracks remediation efforts as issues are identified
  • Conducts 2nd line risk assessments and control testing for applications; includes source code reviews, secure SDLC processes, application vulnerability management
  • Proven knowledge of general technology application assessment methodologies and tools
  • Proven knowledge of application security assessment methodologies and technologies
  • Experienced in application security related standards, and best practices such as secure code reviews, secure SDLC, and application vulnerability management
  • Prior experience with application development and SDLC related processes is preferred
  • Able to be a subject matter expert on assessing general technology processes relating to applications
12

Information Risk Management Resume Examples & Samples

  • Defines criteria, tools, and methodologies for identifying, assessing, and monitoring the risks associated with third party applications
  • Assists in the development of the IRM control inventory, specifically for controls related to third party applications
  • Works closely with the Governance team to help define appropriate policies and standards relevant to third party applications
  • Assesses compliance to cyber policies and standards related to third party applications
  • Performs independent review and challenge of the front line unit risk assessments and control testing for third party applications
  • Conducts 2nd line risk assessments and control testing for third party applications; includes source code reviews, secure SDLC processes, application vulnerability management
13

Information Risk Management Resume Examples & Samples

  • Assesses compliance to policy / standard / procedure related to technology infrastructure
  • Defines criteria, tools, and methodologies for identifying, assessing, and monitoring the risk associated with technology infrastructure
  • Performs independent review and challenge of the front line unit risk assessments on technology infrastructure
  • Maintains oversight of the front line unit remediation efforts for risk exposures, gaps, and deficiencies on technology infrastructure
  • Conducts risk and threat assessments on technology infrastructure
  • Performs independent review and challenge of front line unit RCSA outputs for technology infrastructure
  • Prior experience of management of technology infrastructure is preferred
  • Experienced with vulnerability scanning and penetration testing tools and technologies
  • Understanding of ITIL Service Management processes
14

Information Risk Management, Process Resume Examples & Samples

  • Defines criteria, tools, and methodologies for identifying, assessing, and monitoring the risk associated with 3rd party serviced technology infrastructure
  • Assists in the development of the IRM control inventory, specifically for controls that are related to 3rd party serviced technology infrastructure management
  • Assesses compliance to policy, standards, and procedures for 3rd party serviced technology infrastructure management
  • Performs independent information risk assessments on the processes for 3rd party serviced technology infrastructure management
  • Executes sample based testing of information risk controls on the processes for 3rd party serviced technology infrastructure management
  • Establishes and maintains a centralized tracking of risk control issues and remediation for 3rd party serviced technology infrastructure management processes
  • Performs independent review and challenge of front line unit assessments and mitigation strategies
  • Knowledge of information risk governance framework / policies / procedures / standards / controls, and mitigation strategies
  • Past experience of managing technology infrastructure is preferred
  • Past experience of establishing and maintaining third party risk management practices is preferred
  • Knowledge of risk management policies, methods, standards, processes, governance models, and industry standard risk analysis approaches
  • Knowledge of current industry trends in information risk management
  • Able to collaborate well with internal and external stakeholders
  • Able to collaborate with 3rd party stakeholders
15

Information Risk Management, Process Resume Examples & Samples

  • Designs and operates the risk control testing program for IT processes
  • Designs and implements testing processes for critical IT controls
  • Performs challenge and review of front line unit risk controls testing activities
  • Executes sample based testing of front line unit risk controls
  • Performs independent review and challenge of risk control remediation action plans and remediation activities
  • Establishes and maintains a centralized tracking of risk controls remediation
  • Supports the definition of front line unit risk controls as it relates to IT processes
  • Knowledge of the financial services industry and its regulations / laws
16

Information Risk Management Resume Examples & Samples

  • Assists in the development of policies and standards related to technology infrastructure management processes
  • Assesses compliance to policy, standards, and procedures for technology infrastructure management processes
  • Executes sample based testing of information risk controls on the processes for technology infrastructure management
  • Establishes and maintains a centralized tracking of risk control issues and remediation activities for technology infrastructure management
  • Performs independent review and challenge of front line unit mitigation strategies
  • Able to be a subject matter expert on review and challenge processes, information risk governance framework / policies / procedures / standards / controls, and mitigation strategies
  • Able to understand technology infrastructure management related best practices and processes
17

Information Risk Management Resume Examples & Samples

  • Defines criteria, tools, and methodologies for identifying, assessing, and monitoring the technology and cyber risks associated with the use of 3rd parties
  • Assists in the development of the IRM risk controls inventory, specifically those that apply to 3rd parties
  • Assists in the development of IRM policies and standards, specifically those that apply to 3rd parties
  • Reviews and challenges first line information security assessments for new and existing 3rd parties
  • Performs independent information security risk assessments on both new and existing 3rd parties, as required
  • Executes sample based testing of 3rd party related information security risk controls
  • Establishes and maintains a centralized tracking of 3rd party related information security risk issues and remediation activities
  • Prior experience in conducting and managing 3rd party information security risk assessments
  • Knowledge of the financial services industry and its regulations / laws specifically pertaining to 3rd parties
18

Information Risk Management, Process Resume Examples & Samples

  • Defines criteria, tools, and methodologies for identifying, assessing, and monitoring the information risk associated with application development
  • Assists in the development of the information risk controls inventory, specifically for controls that apply to application development
  • Assists in the development of policies and standards for application development
  • Assesses compliance to policies and standards for application development
  • Performs independent information risk assessments on application development processes and practices
  • Executes sample based testing of information risk controls on the processes and practices for application development
  • Establishes and maintains a centralized tracking of risk controls issues and remediation activities for application development related processes
  • Prior experience in application development or management of Software Development Lifecycle is preferred
  • Able to understand application development related processes and practices
19

Information Risk Management, Infrastructure Resume Examples & Samples

  • Supports controls design and testing processes for information risks associated with technology infrastructure
  • Subject matter expertise in conducting and designing risk assessments for technology infrastructure
  • Able to be a subject matter expert on assessing general technology processes relating to infrastructure
20

Information Risk Management Resume Examples & Samples

  • Assists in the development of cyber policies and standards relevant to applications
  • Defines criteria, tools, and methodologies for identifying, assessing, and monitoring the cyber risks associated with applications (both in-house and third party)
  • Assists in the development of the IRM control inventory, specifically for controls related to technology applications
  • Performs independent review and challenge of the front line unit cyber risk assessment and control testing for applications
  • Conducts 2nd line cyber risk assessments and control testing for applications; includes vulnerability scans, penetration tests and other assessment techniques
  • Able to be a subject matter expert on application security assessment methodologies and tools
21

Information Risk Management Resume Examples & Samples

  • Monitoring for new regulatory requirements and assessing applicability to the enterprise
  • Understanding, translating, and communicating regulatory requirements across the enterprise
  • Implementing regulatory requirements for the second line of defense through a number of activities including updating of IRM framework, policies, and standards
  • Working closely with the training and awareness team to communicate regulatory requirements across the enterprise
  • Coordinating and overseeing regulatory examinations, including defining management responses to examinations, communicating with regulatory agencies and examiners, and ensuring remediation of regulatory examination issues
  • Reviewing front line units' regulatory responses
  • Remediating regulatory examination issues within the second line of defense and overseeing remediation of first line issues
  • Defining the requirements for the GLBA, PCI, and HIPAA programs for the enterprise
  • 10+ years related experience
  • Proven knowledge of regulatory requirements, regulatory issue remediation, and regulatory reporting
  • Knowledge of the financial services industry and its regulations / laws. Strong understanding of regulatory requirements, including but not limited to GLBA, FFIEC, etc.
  • Able to be a leader across the organization, a valued partner, and subject matter expert on regulatory requirements, remediation, and reporting
22

Information Risk Management Resume Examples & Samples

  • Identifies, recruits, and manages a small team of information risk management metrics subject matter experts
  • Ensures all committed deliverables and associated timeframes are met
  • Controls budgets; ensures financials and staffing levels are in line with approved budget on an ongoing basis
  • Understands workload in order to easily flex with the changing internal and external environments in which we work
  • Process Responsibilities
  • Defines information risk metrics and key risk indicators across all information risk domains
  • Works closely with front line units to define and implement gap closure plans to source data for the identified risk metrics and key risk indicators
  • Acts as an advisor to front line units to design and implement strategies to provide the supporting data
  • Aggregates information risk data from various front line units
  • Analyzes data to set enterprise-level risk thresholds and limits to be followed by front line units
  • Defines, develops, executes and maintains processes to develop and continuously enhance enterprise-level information risk management metrics and associated dashboards
  • Responsible for producing periodic risk reporting to key committees, senior management, and the board
  • Reviews and challenges information risk metrics and reports produced by the front line units
  • Proven knowledge of information risk management metrics and reporting process / methodologies and tools
  • Strong MS Office skills along with strong verbal and written communication skills
23

Information Risk Management Resume Examples & Samples

  • Represents IRM and MUFG in important external information sharing / industry forums and committees (e.g., FS-ISAC, FSSCC, SIFMA Cyber Security Sub-Committee, and ISA)
  • Understands the MUFG position on matters and reflects them in the external forums
  • Participates or ensures appropriate MUFG participation in important external committees and other forums; communicates critical issues and initiatives to appropriate MUFG staff
  • Represents IRM and MUFG in committees
  • Stays in constant contact with peers and the market
  • Proven knowledge of information risk management and respective industry forums, conferences, and other information sharing venues and events
  • Able to be a leader across the organization, a valued partner, and subject matter expert on Information Risk Management industry forums and information sharing groups and events
24

Information Risk Management Resume Examples & Samples

  • Identifies, recruits, and manages a team of general technology and cyber-security risk management experts for infrastructure management related processes
  • Ensures all committed deliverables and associated timeframes are met
  • Controls budgets; ensures financials and staffing levels are in line with approved budget on an ongoing basis
  • Experienced in building and operating information risk management second line assessment and control testing functions with subject matter expertise in designing and implementing risk management practices for technology infrastructure
  • Proven knowledge of review and challenge processes, information risk governance framework / policies / procedures / standards / controls, and mitigation strategies
  • Knowledge of ITIL Service Management processes
  • Able to be a leader across the organization, a valued partner, and subject matter expert on information risk assessment related to infrastructure management
25

Information Risk Management Resume Examples & Samples

  • Leverage enterprise standards to define the criteria, tools, and methodologies for managing information risk issues
  • Standardize and implement information risk issue management processes across various first line units
  • Track critical information risk issues including control deficiencies, policy exceptions, and other self identified issues
  • Track front line unit corrective actions across the enterprise
  • Leverage information risk assessment technologies to establish and maintain an enterprise-wide risk issues library for information risk management
  • Serve as a point of contact for escalation of issues when information risk issue related metric thresholds are breached; escalate threat breaches to senior management as required
  • Report key information risk issues to senior management as required
  • Proven knowledge of information risk issue management criteria, tools, and methods
  • Able to be a subject matter expert on the information risk issue management process
26

Information Risk Management Resume Examples & Samples

  • Defines methods and processes to establish and maintain enterprise wide information risk, threat and control libraries
  • Drives the building of enterprise-wide risk, threat and control libraries through working with relevant first and second line stakeholders
  • Drives the maintenance of enterprise-wide risk, threat and control libraries based on input from the first and second line stakeholders and industry intelligence on a regular and timely basis
  • Drives the mapping of risks, threat and controls to the list of information risk management policies / standards, regulations and industry best practice frameworks (e.g. NIST-CF, ISO, COBIT, etc.), detailed risk scenarios, and playbooks
  • Works closely with training & communication stakeholders to develop training material and deliver training programs
  • Leverages Governance, Risk & Compliance technologies to manage libraries and support reporting functions
  • Works with the front line units to gather first line control owners, control operating and testing procedures, and aligns them with the controls in the library
  • Works with the second line to gather the second line testing procedures and aligns them with the controls in the library
  • Is aware of new information risk regulations in order to align them to the risk, threat and control libraries to support the assessment of compliance and / or impact on a regular and timely basis
  • Proven knowledge of risk, threat and control library development and maintenance; proven knowledge of risk / threat / control analysis criteria, tools, and maintenance methodologies
  • Working knowledge of Governance, Risk & Compliance technologies (e.g., Archer)
  • Able to be a subject matter expert on risk and threat libraries, analysis criteria, tools, and methodologies
27

Information Risk Management Resume Examples & Samples

  • Develops and implements processes to analyze and aggregate information on enterprise wide information risks and the technology requirements for automation
  • Coordinates with stakeholders to develop information risk reporting dashboards
  • Performs independent review and challenge of front line unit risk report content based on their own analysis
  • Reviews and challenges first line GLBA, PCI, and HIPAA reports prepared for the Board and Executive Committees
  • Prepares independent information risk management reporting to the Board and Executive Committees
  • Consumes threat intelligence information, risk and threat libraries, and other control libraries to provide an aggregated view of risk across the enterprise
  • Works closely with the Analytics and Reporting teams to collect and analyze aggregate risk information
  • Analyzes and reports on aggregate risk information to senior management
  • Determines critical information risk themes and escalates to senior management to drive risk reduction
  • Maintains subscriptions to information sharing sources (US-CERT, FS-ISAC)
  • Proven knowledge of information risk management analytics and reporting
  • Experienced in managing tools and technologies and producing reports for risk analytics
  • Able to be a subject matter expert on information risk management analytics and reporting
28

Information Risk Management Resume Examples & Samples

  • Budget management: assist designated department management with annual budget planning, perform monthly monitoring and review of actual versus planned expenses / explanations for variances with department management
  • Headcount reporting: create and review monthly headcount reports (FTE, consultant, contractor / upcoming contractor roll offs, open positions, turnover / mobility) with department management; maintain current organization charts
  • Location strategy: create and review monthly reports of current versus planned footprint with department management
  • Liaise with Finance, HR, and their designated ARM department as required / needed to develop above reporting
  • KPIs and benchmarking: assist with developing, implementing, monitoring, and reporting departmental performance metrics (to drive continuous improvement)
  • Internal reporting: assist with reporting of internal departmental issues (performance, quality)
  • Provide additional support as needed (e.g., staff meetings, communication / training / awareness support, and special initiatives support)
  • Demonstrates excellent knowledge of business management concepts
  • Knowledge of business management practices and methodologies is required; knowledge of KPIs (development, implementation, reporting) and benchmarking is a plus
  • Knowledge of the financial services industry and its regulations / laws is preferred
  • Understanding of control and risk management concepts is preferred
  • Strong MS Office skills
  • Detail and process oriented
  • Able to be a subject matter expert on business management practices
29

Information Risk Management Resume Examples & Samples

  • Demonstrates a solid understanding of diverse IRM stakeholder needs and motivations and how to use IRM communications to strengthen the Three Lines of Defense
  • Serves as a trusted advisor on IRM communications issues, gaining and maintaining the confidence of MUFG’s senior IRM leaders
  • Creates an effective IRM communications strategy that considers the needs of the IRM organization and its stakeholders
  • Conducts active, ongoing outreach to stakeholders; gains consensus on communications plans and refines programs based on client feedback
  • Develops effective, targeted IRM messaging, rolls it out consistently across appropriate channels; communications vehicles include: senior management, client, and regulator presentations; town halls and webinars; collateral; and executive communications
  • Develops all content for enterprise-wide mandatory IRM training, internal IRM staff training, and front-line unit training
  • Supports multi-year project with communications, awareness, and training materials
  • Uses appropriate monitoring and measurement tools to assess and communicate campaign results to internal stakeholders, including IRM executives, employees, and direct reports
  • Develops, implements, and ensures compliance with enterprise communications standards and processes
  • Provides customized communications services to IRM constituents to meet their unique needs, ensuring their timely, successful delivery
  • Executes Shared Service responsibilities: updates board, committee, and executive level presentations and reporting templates provided by the Shared Service; supports employee engagement events; manages and directs enterprise wide IRM risk awareness and training support provided by the Shared Service; and reviews and provides feedback on the Shared Service Performance / SLAs
  • Proven knowledge of and experience with producing and implementing risk culture awareness training, and producing various types of internal and external audience communications
  • Able to communicate with all levels of management
  • Able to be a leader across the organization, a valued partner, and subject matter expert on risk culture awareness training and communications (for internal and external audiences)
30

Information Risk Management Resume Examples & Samples

  • Defines and maintains IRM policies
  • Defines and maintains the IRM policy framework based upon industry standards
  • Defines and maintains the policy and standard creation and update processes including stakeholders and syndication and approval processes
  • Builds and maintains IRM policies and standards and keeps them relevant
  • Supports the alignment of the policies and standards to both regulations and controls
  • Defines supporting implementation guidance associated with the IRM policies
  • Ensures policies adhere to enterprise standards and templates
  • Ensures (new) policies follow the required approval process
  • Ensures policies are updated as needed and always in good standing
  • Represents IRM in other associates policy and standard syndication
  • Collaborates with other subject matter experts to determine and communicate the business impact of changes to information risk management policy and standards. Ensures policy changes and new policies are appropriately communicated to the respective stakeholders
  • Education: Bachelor's Degree required
  • Certifications: At least one security certification is preferred, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP)
  • Experience: 5 + years experience in writing IRM policies and standards is required
  • Knowledge
  • Proven knowledge of policy creation and maintenance; ensuring adherence and compliance
  • Skills: Strong MS Office, writing, and communication skills
  • Abilities
  • Able to be a subject matter expert on information risk management policies and standards
31

Information Risk Management Resume Examples & Samples

  • Identifies, recruits, and manages a team of policy, library & methods, analytical & reporting, and issue management subject matter experts
  • Experience: 10 + years related experience
  • Thorough knowledge of information risk management governance, policies, & libraries, analytics & reporting, and issue management
  • Skills: Strong MS Office skills along with strong verbal and written communication skills
  • Able to be a leader across the organization, a valued partner, and subject matter expert for information risk management governance, policies, libraries, analytics & reporting, and issue management
32

Information Risk Management Resume Examples & Samples

  • Works with Information Risk Management colleagues to ensure the appropriate risk and control framework, governance, policies, methods, standards, processes, reporting, and training are developed, applied, and understood by impacted stakeholders
  • Communicates information risk matters effectively to senior business management
  • Drives and oversees consistency in approach, execution, and reporting across the technology and information risk function
  • Drives program steering committees and, where applicable, participates in support program governance
  • Drives and oversees the development of information risk strategic program elements
  • Provides prioritization of risk, creating business value and helping to streamline technology development
  • Drives the development and implementation of key metrics (KRIs, KPIs), with ownership for providing business value towards monthly dashboard reports
  • Provides advice and guidance on information risk matters involving legal or regulatory matters; acts as a primary interface between the business areas for these matters
  • Reviews internal and external IT projects and applications for risk issues and ensures adherence to security policies and industry best practices and security controls, taking full ownership where concerned
  • Prepares and presents materials for internal and external client communications and takes ownership for follow-ups where necessary
  • Proven awareness and understanding of risk management, compliance, information protection, regulatory concepts, and requirements
  • Advanced knowledge of security systems and applications and be able to assist in communicating related policies, procedures, and guidelines
  • Knowledge of the financial services industry and its regulations / laws is required, along with operational aspects of the business and a thorough understanding of control and risk management concepts
  • Extensive knowledge of Risk Management policies, methods, standards, processes, governance models, and in-depth knowledge of industry standard risk analysis approaches
  • Excellent understanding of systems architecture, hardware, operations, system life cycle, and information security along with investigative principles, incident response procedures, computer forensics, Information Security practices, and effective risk management
  • Significant experience in one or more financial industry risk, control, and governance disciplines (e.g., audit, business continuity planning, regulatory compliance)
33

Information Risk Management Resume Examples & Samples

  • Interacts with senior information risk-type officers (e.g. Business Unit Risk Managers, Business/Technical Information Security Officers, Third Party Risk Management Officers, Business Recovery Coordinators, etc.) aligned with each business and business unit support organization (e.g., Consumer, Corporate, Investment Banking, Transaction Banking, Risk, Human Resources, Integrated Services Americas, etc.) to support them in aligning and complying to the Information Risk Management (IRM) framework and second line of defense requirements
  • Acts as an advisor and facilitator to drive appropriate and effective operational communication between IRM and the first lines of defense in order to assist senior information risk-type officers to consistently and appropriately implement IRM policies and standards, conduct assessments and testing and training/awareness, and risk governance and reporting
  • Reviews and challenges information risk management activities within the business and business unit support organizations
  • Serves as a point of contact when risk tolerance limits are breached within the business and business unit support organizations
  • Coordinates and facilitates regular communications between IRM and the business and business unit support organizations to drive awareness/understanding/collaboration of risks, issues, threats, programs, initiatives across the two lines of defense
  • If an appropriate situation arises, coordinates incident investigations with the senior information risk-type officers
  • Proven knowledge of Information Risk Management frameworks, policies, tools, and mitigation practices
  • Able to communicate to all levels of management
  • Able to be a leader across the organization, a valued partner, and subject matter expert on Information Risk Management frameworks, policies, tools, and mitigation practices
34

Senior Director, Information Risk Management Resume Examples & Samples

  • Develop and implement an enterprise IRM program to provide strategic input and guidance into privacy and security due diligence activities related to technology and business initiatives
  • Oversee the Business Information Security and Governance, Risk, and Compliance (GRC) programs to deliver comprehensive information risk management solutions, establishing workload balancing and prioritizing tasks and projects based upon an expert assessment of risks and threats
  • In support of the CISO, develop, maintain, and drive IRM metrics that report upon KPIs and KRIs as related to the firm’s compliance with regulatory requirements and internal policies and controls related to information assets. The IRM metrics shall establish an environment of continuous improvement
  • Engages with senior representatives across Realogy and its Business Units to provide full-spectrum alignment on Realogy’s IRM program
  • Manage the delivery of IT Privacy, IT SOX and Third Party risk assessments
  • Oversee Realogy’s Information Security training and awareness program
  • Minimum 12 years’ overall experience managing information security and IT privacy in a global corporate environment
  • In-depth knowledge of ISO27001/2, NIST, Sarbanes-Oxley, and domestic/international regulations related to Personally Identifiable Information (PII) and Personal Health Information (PHI)
  • Experience dealing with external auditors
  • Experience developing effective processes to identify, document, and mitigate risk
  • Comfort working at all levels of seniority, both within Realogy and its Business Units, and with other client institutions, industries, or government entities
  • CISSP or CRISC required
  • CIPM or CIPP preferred
35

Information Risk Management Resume Examples & Samples

  • Creates and maintains the IRM Level 2 service management catalogue (to include, per service): roles and responsibilities, processes, interaction model, tech
  • Defines and monitors IRM Level 2 performance including: KPIs, benchmarking, SLAs, and maturity model
  • Develops and maintains an ongoing 3 year strategic plan including: goals, objectives, and departmental scorecard; ensures the departmental scorecard is aligned with Americas Risk Management and MUFG strategies
  • Responsible for the IRM organizational build-out, including: organization design, hiring plan, job descriptions, job requisitions, recruiting liaison, and location strategy / footprint, and budget planning
  • Liaise / main point of contact with Office of the CRO functions / shared services
  • Demonstrates excellent knowledge of service management, strategic planning, and business management concepts and practices
  • 10 + years related experience
  • Proven knowledge of service management and strategic planning concepts and methodologies
  • Demonstrated expertise in business management practices (budgets, headcount management, and location strategy)
  • Skilled at synthesizing data, identifying relevant themes, and building story boards for executive level presentations
  • Awareness and understanding of risk management, compliance, information protection, regulatory concepts, and requirements is a plus, but not required
  • Ability to communicate related procedures and practices is required
  • Knowledge of the financial services industry is required; knowledge of its regulations / laws is preferred
  • Understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business is preferred, but not required
  • Knowledge of risk management policies, methods, standards, processes, governance models, and industry standard risk analysis approaches is preferred, but not required
  • Able to be a valued partner and subject matter expert for operation management practices, strategic planning, and performance management
36

Information Risk Management Lead Resume Examples & Samples

  • University graduate with a minimum of five years’ solid experience in business continuity and/or information risk management and. Experience in the financial industry preferred
  • CBCP, MBCI, CISA or CISSP preferred
  • Experience with LDRPS will be an added advantage
  • Strong communication skills, including ability to translate complex technical issues into fundamental concepts
  • High level of integrity and professional work practice
  • Appreciation of the people and culture of different countries
  • Good analytical and teamwork capability and able to work on own role independently
  • Project Management and Incident and Problem Management
  • Good technical knowledge of Microsoft Office applications
  • Proficient in English and local language, spoken and written
37

Information Risk Management, Process Resume Examples & Samples

  • Defines criteria, tools, and methodologies for identifying, assessing, and monitoring the risk associated with the processes for technology infrastructure management
  • Assists in the development of the IRM control inventory, specifically for controls related to technology infrastructure management
  • Performs independent information risk assessments on the processes for technology infrastructure management
38

Information Risk Management Resume Examples & Samples

  • Work across all areas in OPE risk management to establish and expand Information Risk Management (IRM) coverage of risks
  • Work across front line control areas to integrate and leverage activities, especially in ISA
  • Participate actively in IRM governance and working groups representing OPE Risk management
  • Enhance the risk and control assessment process to address IRM Risks using the criteria, tools and methods defined by the second line of defense
  • Manage a team of risk analysts
  • Work with operations managers to understand their business and technology environment
  • Assess operations environments, identify key risks and controls, and determine control effectiveness
  • Highlight key risks and determine required controls to prevent or detect those risks
  • Execute risk control self-assessments (RCSAs) that incorporate IRM risks and controls
  • Teach and inspire operations staff to think about processes, risks and controls
  • Stay current with industry trends – with regards to the processes you assess, risks, and risk and control assessment techniques
  • Monitor front line unit adherence to the Risk Governance Framework, policies and standards defined by the second line of defense
  • Monitor front line unit development and maintenance of the required technical standards and operating procedures
  • Ensure ownership and maintenance of risk controls across front line units
  • Monitor metrics and indicators associated with key risks and controls
  • Identify opportunities for new or enhanced metrics that aid in the early identification of risks
  • 10+ years in Operations management or operations, operations or operational risk management, operations audit or related role
  • Significant experience in the financial services sector designing, evaluating, and/or testing processes
  • Highly skilled/adept at drawing and evaluating operational processes, highlighting risks and controls
  • Advanced proficiency in several business continuity related topics
  • 5+ years leading/managing and inspiring teams of at least 4 people
  • Proven success in a highly matrix management role
  • Experience teaching and coaching staff
  • Enjoy analyzing and discussing risks and controls
  • Ability to “connect the dots” and see and articulate a broader picture of risks
  • Demonstrated ability to overcome obstacles and deliver assignments on-time and with high quality
  • High energy self-starter
  • Enjoy discussing risks and controls
39

Information Risk Management Summer Intern Resume Examples & Samples

  • Research and documentation development on how various technologies and processes work
  • Gathering, reporting, and delivery of security metrics
  • Participation in logging and monitoring processes including log reviews
  • Various small projects and process assistance as needed
  • Excellent verbal and written communication, analytical and problem-solving skills, time management, and customer service skills, including ability to be assertive and diplomatic
  • Basic knowledge and experience with the following: Scripting (e.g. Perl, Python, VBA, JavaScript, etc.) and Windows Office Suite
  • Previous work or classroom experience in one of the following: information systems, systems audit, business process or information systems security
  • Aptitude for learning on the fly and interest in information systems security concepts and techniques
  • Knowledge of SharePoint administration a plus
40

Information Risk Management Resume Examples & Samples

  • People Management Responsibilities (provided in conjunction with the Governance & Framework Director)
  • Manages a small team of information risk management metric, analytics, reporting, and issue management subject matter experts
  • Specifically | provides oversight and direction for
  • Developing, maintaining, and reporting information risk metrics and key risk indicators across all information risk domains
  • Defining, developing, executing, and maintaining processes to develop and continuously enhance enterprise-level information risk management metrics and associated dashboards
  • Developing and implementing processes to analyze and aggregate information on enterprise wide information risks and the technology requirements for automation
  • Reviewing and challenging information risk metrics and reports produced by the front line units
  • Aggregating information risk data from various front line units; analyzing data to set enterprise-level risk thresholds and limits to be followed by front line units
  • Analyzing and reporting aggregate risk information to senior management; determining critical information risk themes and escalating to senior management to drive risk reduction
  • Leveraging enterprise standards to define the criteria, tools, and methodologies for managing information risk issues
  • Standardizing and implementing information risk issue management processes across various first line units
  • Tracking critical information risk issues including control deficiencies, policy exceptions, and other self identified issues; tracking front line unit corrective actions across the enterprise
  • Leveraging Governance, Risk & Control technologies to establish and maintain an enterprise-wide risk issues library for information risk management
  • Serves as a point of contact for the escalation of issues when information risk issue related metric thresholds are breached
  • Escalates critical information risk themes to senior management to drive risk reduction
  • Acts as an advisor to front line units in the design and implementation of risk metrics and key risk indicators
  • One or more security certifications are preferred, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP)
  • 10 + years of related experience
  • Proven knowledge of information risk management metrics and reporting process / methodologies and tools; information risk management analytics and reporting; information risk issue management criteria, tools, and methods
41

Information Risk Management Resume Examples & Samples

  • Leads the rollout of the IRM program expansion across (in scope) entities
  • Drives the socialization, adoption, consistent and appropriate implementation, and ongoing maintenance of the IRM framework, policies, standards, methods, etc. across the entities
  • Facilitates appropriate and effective communication and collaboration between IRM and the entities
  • Ensures IRM and the entities' roles and responsibilities, timelines, and requirements are clear
  • Front Line Unit | BAU Oversight – Provides guidance and direction to Front Line Unit | BAU Director to ensure
  • Appropriate and effective operational communication between IRM and the first lines of defense in order to assist senior information risk-type officers to consistently and appropriately implement IRM policies and standards, conduct assessments and testing and training/awareness, and risk governance and reporting
  • Appropriate review and challenge of information risk management activities within the business and business unit support organizations
  • Point of contact when risk tolerance limits are breached within the business and business unit support organizations
  • Regular communications between IRM and the business and business unit support organizations to drive awareness/understanding/collaboration of risks, issues, threats, programs, initiatives across the two lines of defense
  • If situation arises, coordinates incident investigation with the senior information risk-type officers
  • Stakeholder management; interacts with each entity's senior information risk-type officers to support them in aligning and complying with the IRM framework and second line of defense requirements
  • Serves as a point of escalation contact between IRM and the entities
  • Education: Bachelor's degree required
  • Knowledge of IRM frameworks, policies, tools, and mitigation practices is preferred but not required
  • Understanding of control and risk management concepts is required; knowledge of the operational aspects of the information risk business is preferred
  • Understanding of respective industry best practices (e.g., NIST, ISO, COBIT, OWASP, ITIL) is preferred
  • Knowledge of current industry trends in information risk management is preferred
  • Able to be a leader, a valued partner, and subject matter expert on Information Risk Management frameworks, policies, tools, and mitigation practices

VP, Information Risk Management Resume Examples & Samples

  • The Vice President of Information Risk is responsible for leading and managing the Information Risk Management Program. Reporting to the SVP of Operational Risk, the incumbent shall employ sufficient measures to comprehensively identify, assess, mitigate, manage, monitor and report information security risk and protect the information assets of the institution. The VP shall work with business functions, corporate areas and clients and partners to implement and maintain practices in line with SC defined policies and standards for information risk and security, reflective of corporate, regulatory and industry best practices
  • Develop and maintain the SC Information Risk Management Policy
  • Oversee the creation, management, and development of information security standards, procedures, and guidelines in line with the Information Risk Management Policy
  • Establish and maintain procedures to ensure information is protected in compliance with information risk management standards and applicable laws
  • Oversee the execution of information risk assessments
  • Provide input into the corporate information and technology risk strategy and tactical execution thereof
  • Collaborate with stakeholders (e.g., IT, Legal, Audit, HR, and Risk Management) to help develop a consistent process for identifying, developing, and implementing controls to address information security risks
  • Escalate policy exceptions and risk tolerance breaches in a timely manner
  • Manage the implementation of an Information Risk Management Program and related risk analytical activities for SC that is consistent with applicable regulatory requirements
  • Execute information risk assessments and implement risk assessment framework for 1st line of defense
  • Continue to build capabilities (technical and soft skills) in IRM to support the Operational Risk Management Framework
  • Direct the development and execution of 2nd line of defense project plans for SC
  • Report and monitor conformance and delivery against program objectives, making adjustments and recommendations, where justified
  • Oversee the development of key risk indicators, key performance indicators and risk tolerances
  • Monitor risk acceptances, risk tolerance breaches and significant control gaps. Escalate pertinent findings in a timely manner
  • When appropriate, develop programs to meet regulatory standards and monitor and report conformance and delivery against project plans, making adjustments and recommendations, where justified
  • Facilitate the completion of effective regulatory examinations and audit reviews of information risks, when required
  • Communicate updates and ensure leadership and management behaviors support the many change initiatives
  • Collaborate with peers and support direct reports in exercising opportunities to credibly challenge risk assessments and mitigation plans
  • Build and maintain high-performance teams within the risk organization with the capabilities for risk identification, assessment, measurement, mitigation, aggregation and reporting
  • Performs other duties and special projects as assigned
  • May assist in other related departments as required by business needs

Information Risk Management Analyst Resume Examples & Samples

  • Working in partnership with the AIRM and broader IT teams to define risk reporting requirements
  • Define and deliver monthly reporting, including but not limited to security metrics, KRI/KPIs and executive summaries
  • Design and implement analytical techniques and processes aimed at proactively measuring information security risks and control issues
  • Collect, aggregate, and analyze data to evaluate process improvement opportunities and facilitate decision-making
  • Develop and support team’s SharePoint, MF Connect and other collaboration tools
  • Support IRM programs and coordinate risk remediation when required
  • University Degree (Computer Science, IT/IS, business or related fields)
  • 2 years of experience in information risk or security management; experience working in Big 4 or global consulting companies would be highly desired
  • Sound knowledge of visualization and report automation BI tools such as QlikView
  • Proficient with MS Office Suite (Word, Excel and PowerPoint)
  • Strong focus on service, quality, and delivery with flexibility to multi-task in order to meet deadlines
  • Ability to develop creative solutions to meet deadlines
  • Excellent time management and organizational skills with attention to detail
  • Positive attitude and self-motivated with ability to learn quickly, adjust to changes and think outside the box
  • Good verbal/written and inter-personal skills
  • Process- and results-oriented, proactive, self-motivated and able to work independently
  • Quick learner and able to work in a matrix organization
  • Proven ability to multi-task, manage and work on tasks concurrently
  • Team player who cross-trains team members
  • Good interpersonal communication, management and presentation skills
  • Proficient in English, spoken and written
  • Security Certifications: CISM, CISSP and/or CISA (preferred but not a must)

Information Risk Management Resume Examples & Samples

  • 5+ years related experience
  • Proven knowledge of IT project delivery lifecycles (e.g. Waterfall, Agile)
  • Understanding of technology infrastructure components, software development best practices and technology management processes
  • Able to be a leader across the organization, a valued partner, and subject matter expert on information risk management and IT project delivery

Director, Asia Information Risk Management Resume Examples & Samples

  • Acts as the champion for the divisions within the global and domiciled information risk programs in Asia to ensure that information is secured and protected in accordance with global IRM policies, standards and procedures. Also assist business partners in meeting local regulatory and compliance needs
  • Sets strategy, goals, and targets for the Information Risk Management team in Asia and assist the divisional information risk officer (DIRO) in implementing the divisional framework to measure and report on the achievement of IRM goals
  • Contributes and shapes divisional and global IRM projects and initiatives. Ensures division- and business-specific requirements and needs are accommodated whenever possible and practical in initiatives, projects and services
  • Supports business partners in establishing business continuity and disaster recovery priorities and requirements, and the management of business continuity executions. Supports IT partners in establishing disaster recovery requirements, and the management of disaster recovery tests and executions
  • Provides assistance to the Project Management Office and divisional IT leadership for risk management deliverables embedded in key processes, such as the system development life cycle (SDLC) process, the application management process and the change management process. Provide assistance and aid in developing key projects and division-wide initiatives like GO (the Investment Division’s transformation program)
  • Supports IT and business partners in the maintenance and execution of key controls required for audits and various risk and compliance purposes
  • Works closely with Global IRM and Asia Division IRM as well as the problem management, legal and compliance teams for incident management
  • Completes risk assessments, risk exceptions/acceptances as required for divisional clients
  • Additional duties as assigned

Information Risk Management Resume Examples & Samples

  • Maintain/update Risk, Threats, and Scenarios Library
  • Bachelor’s Degree or equivalent work experience required
  • 3-5 years of related experience, Risk/Threat Management experience is a plus
  • Able to be a subject matter expert on information risk scenarios and aggregation
  • Proven knowledge of information risk scenarios and analysis and identification of critical information risk themes
  • Knowledge and ability to leverage industry information sources to define information risk scenarios in line with industry trends and latest cyber threats
  • Knowledge of current industry trends in information risk management and threat analysis
  • Knowledge of Threat Modeling, Attack/Fault Tolerance Trees a plus

NIS Information Risk Management Manager Resume Examples & Samples

  • Supporting the strategic vision for information security management within the PwC global Network of member firms and contributing to the development of new security management domain expertise on an ongoing basis
  • Evaluating security requirements in one or more contexts, such as audit, vulnerability scanning, contract review, industry standards, and organizational policy and standards review
  • Working comfortably with all levels of leadership
  • Communicating and promoting the use of Network security policies and standards
  • Comprehending the value of Network policies and standards, as well as business requirements, and the ability to recognize potential conflicts and arrive at successful outcomes collaboratively

Information Risk Management Resume Examples & Samples

  • Focusing on Front Line Unit (FLU) compliance with second line policies/standards and the risk governance framework (RGF) defined by the second line of defense
  • Creating definition of FLU implementation plans to facilitate ongoing compliance and monitoring definition of FLU technical standards/operating procedures based on policies
  • Observing corrective action plans and remediation activities across the first line of defense and tracking execution of corrective action plans by FLUs to remediate control gaps
  • Sharing instances of non-compliance with the associated policy or standard owner and first line Information Technology Governance Committee (ITGC) for temporary approval
  • Purveying material FLU risk exposures and associated threats with the second line of defense for tracking and monitoring in the enterprise-wide risk and threat library
  • Communicating the status of FLU control gap remediation and coordinating with the second line of defense for independent review and challenge of FLU IRM activities
  • Synchronizing with the second line of defense and FLUs to define the required incident response playbooks
  • Requires a Bachelor’s Degree or equivalent experience, and a Master’s Degree in Business, Administration, Technology or related field is highly preferred
  • Deep understanding and experience working within the “Three Lines of Defense” model
  • Experience in conducting and designing risk assessments for technology
  • Knowledge of financial services industry and its regulations/laws
  • Understanding of control and risk management concepts and knowledge of operational aspects of the information risk business
  • Knowledge of risk management policies, methods, standards, processes and industry standard risk analysis
  • Significant experience designing, evaluating, and/or testing processes
  • Highly skilled at drawing and evaluating “specific function” processes, highlighting risk and controls

Information Risk Management Resume Examples & Samples

  • Overseeing completion of FLU risk mitigation plans to ensure they are consistent with enterprise-wide risk appetite, policies and standards
  • Consolidating first line information risk, threat and control libraries created by FLUs and identifying and analyzing material information risk exposures and emerging threats
  • Working closely with the First Line IRM Executive to develop information risk reports for the Board and Executive Committee for the Americas (ECA) on behalf of the CIOO
  • Performing sample based independent testing of FLU risk controls and relaying the results of such testing to the First Line IRM Executive and CIOO

Information Risk Management Resume Examples & Samples

  • Demonstrates a solid understanding of diverse IRM stakeholder needs and motivations and how to use IRM communications to strengthen the 3 Lines of Defense
  • Assists in the development of all content for enterprise-wide mandatory IRM training
  • Develops internal IRM staff training and front-line unit training
  • Supports a major multi-year project with communications, awareness, and training materials
  • 5+ years related experience

Information Risk Management Expert Resume Examples & Samples

  • Support the Corporate Head of IRM and BCM (CIRM) of ING Bank with research, fact finding, collecting evidence and documenting activities
  • Contribute to the development and maintenance of CIRM Strategy, Framework, Policies, Minimum Standards, Procedures, Methods and Techniques
  • Perform parts of the functional oversight of the global IRM community by means of QA reviews as part of our functional steering role
  • Be a trusted IRM advisor towards 1st LoD management and 1st LoD and 2nd LoD NFR risk specialists
  • Identify external / internal developments, initiatives and threats. Translate these pro-actively in IRM Vision, Mission and Strategy of ING Bank
  • Participate in, challenge and periodically report upon the risks of key strategic (IT/BCM) programs and projects
  • Participate and challenge in risk assessments on specific Operational Risk or Information Risk projects and programs, taking direction over junior ORM, BCM and IRM colleagues
  • Create and publish strategic and ad-hoc risk analyses, risk papers and risk reports with fact finding, research and documenting activities
  • Contribute to the identification of the impact of and the coordination of responses to law and regulatory changes, ECB reports, etc. and monitors the follow-up of the regulatory issue solving
  • Develop and maintain training modules, and train the IRM community
  • Experience as IRM Expert with approx. 10 years in risk areas that are relevant for Information (Technology) and Business Continuity Risk Management
  • Track record as IRM, IT audit and/or IT (Security) expert
  • Good knowledge of Banking business, processes, procedures and systems
  • Collaboration skills and ability to work across both functional and geographical lines
  • Ability to earn trust and respect of clients, colleagues and senior management
  • Ability to be firm when needed and show flexibility when possible
  • Excellent analytical skills and sound judgment
  • University Degree or equivalent
  • Professional education and multiple international certifications for Information (Technology) and Business Continuity Risk Management (e.g. RE, ISC2, ISACA accreditations)
  • Fluent in English (written and spoken)

Director, Information Risk Management Resume Examples & Samples

  • Provides technical, administrative, and operational leadership to assigned project or tasks
  • At this level, the position is typically responsible for managing multiple tasks or a single large project and supervising up to 10 employees. Technical difficulty/complexity of assigned tasks/projects may also affect level selection
  • Assists with the development and implementation of a long-range strategic plan for the information security risk management function in support of the company’s information risk management program
  • Assists with establishing and implementing an information security program with effective policies, architectures, standards and guidelines. Oversees ongoing compliance
  • Develops and implements a standardized continuous risk assessment and compliance verification process. Monitors, measures, and reports information risk exposure to senior management
  • Interfaces with Facilities Services, Corporate Counsel, Compliance, and Human Resources concerning issues related to information risk to ensure compliance with established policies
  • Consults with senior IT and business leaders regarding their information risks and responsibility in minimizing those risks
  • Works with IT Project Management Office to establish information security standards and risk management procedures
  • Participates on technical advisory committees that evaluate new technology resources for program compliance
  • Remains current on technical changes and new technologies. Identifies and recommends opportunities for improving the company’s information risk management program
  • Recruits, develops, and motivates staff. Provides work direction and guidance including coaching, professional development and training. Initiates and communicates a variety of personnel actions including, employment, termination, performance reviews, salary reviews, and disciplinary actions
  • Bachelor’s Degree (business or technical) or equivalent work experience
  • Ten or more years of experience with Information Risk or Information Security disciplines
  • At least eight to ten years of Management experience
  • Excellent critical thinking and analysis skills
  • Certified Information System Manager (CISM), Certified Information System Auditor (CISA), and/or Certified Information Systems Security Professional (CISSP) preferred
  • Demonstrated understanding and application of project management concepts
  • Knowledge of health care business and care delivery processes preferred
  • CISO certification preferred

Senior Manager, Information Risk Management Resume Examples & Samples

  • Developing and implementing the strategic vision for information security management within the PwC global Network of member firms and contributing to the development of new security management domain expertise on an ongoing basis
  • Understanding of IT security fundamentals across multiple domains, including (but not limited to) security management, security architecture, access control, application development, operations security, physical security, cryptography, telecommunications and networking, business continuity planning, laws, investigations, and ethics
  • Evaluating security requirements in multiple contexts, such as audit, vulnerability scanning, contract review, industry standards, and organizational policy and standards review
  • Managing strategic and tactical security policy and standards libraries based on those frameworks
  • Developing and managing structured risk identification, assessment, and treatment programs for large organizations
  • Managing internal assessment programs, coordinating response to internal and external assessment programs
  • Translating technical IT security concepts into business terms
  • Managing key ISMS components: information asset inventory, risk assessment, security policy and standards development, internal assessment, and report to management
  • Understanding existing and upcoming legislative and regulatory requirements by working closely with Network risk management and security organizations, as well as safeguarding that they are incorporated in the ISMS
  • Communicating, tracking and reporting audit and assessment findings and corrective action plans

Manager, Information Risk Management Resume Examples & Samples

  • Understanding of IT security or information protection fundamentals across one or more security, legal, privacy, or data regulatory domains, including (but not limited to) security management, security architecture, access control, application development, operations security, physical security, cryptography, telecommunications and networking, business continuity planning, laws, investigations, and ethics
  • Maintenance of security policy and standards libraries
  • Contributing expertise across multiple key ISMS components: information asset inventory, risk assessment, security policy and standards development, internal assessment, and report to management
  • Addressing risk utilizing standardized and consistent methodology
  • Assisting in responding to client inquiries regarding PwC security posture, including requests to audit, site visits, and independent audits; and,