IT Risk Manager Resume Samples


The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the IT Risk Manager job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Madilyn Christiansen
91537 Ullrich Pass, Houston, TX
Phone: +1 (555) 734 7906

Experience

IT Risk Manager
McGlynn, O'Conner and O'Hara
Dallas, TX
  • Responsible for developing and implementing IT security and risk management frameworks and policies
  • Develop and implement a Line 2 IT Risk Management Framework, supporting the design on Line 1 control environment and build out risk policy and procedure
  • Develop and establish IT risk reporting against established enterprise risk metrics
  • Conduct performance reviews and contribute to performance feedback for all levels of staff
  • Manage, train and coach local IT Risk team at Montreal, which supports regional objectives of CIB Americas IT Risk Management
  • Fostering and developing strong networks (local, area, global) with key service line champions in the global firm
  • Manage communication and coordination with key stakeholders in North America; in relation to IT Risk Management process

Risk-it Risk Manager
Quitzon, Koepp and Nicolas
Chicago, IL
  • Assisting in the implementation of 3LoD initiatives for the team for 2016 and into 2017, resulting in a BAU operating model
  • Develop relationships with functions engaged in IT Risk Management
  • Undertake Risk Reviews of IT Control framework
  • Completing implementation activities during the course of 2016 and into 2017, working with colleagues in GTO Technology, CISO and GDM. This will range from
  • Assisting in the implementation and operationalization of the IT Risk function through delivery of key initiatives and the establishment of the APAC operating model
  • Strong work ethic and sense of urgency in personal approach to problems
  • Completing implementation activities ranging from CTB to RTB programs, working with colleagues in core COO Technology, CISO and GIRM and CDO. This will range from

Senior IT Risk Manager
Bogisich LLC
Phoenix, AZ
present
  • Assist in finding pragmatic, cost effective solutions to identified security and risk issues
  • Develop key Information Security, Risk and Compliance reporting metrics to ensure progress on these programs is managed and understood by leadership
  • Serve as a member of the IT Leadership Work Group and work effectively with peers and other (up to and including members of Executive Management)
  • Make team personnel recommendations regarding employment, career development performance evaluations, compensations and promotions within policy and guidelines
  • Work closely to align security and risk advice with other divisions within the bank, such as Security Architecture
  • Develop and maintain strong, positive working relationships and effective channels of communication with other risk associates, including those in Enterprise Risk Management, Operational Risk Management, associates in other control functions and Executive/Senior IT Services' management. Provide direction and guidance in the development, implementation and communication of risk-related policies and standards
  • Provide aggregated risk oversight for one or more high-impact areas of IT Services for core components of IT risk mitigation, governance, measurement and reporting activities. Actively engage in end-to-end risk remediation planning, resolution and monitoring activities, including Technology Continuity Management planning and testing activities. Collaborate with senior business and IT Services' leaders and other risk managers to resolve challenging risk matters

Education

Bachelor’s Degree in Computer Science
Columbia University

Skills
  • Strong problem solving aptitude, with good attention to detail
  • A strong personal network and the ability to play a role in the development of new business
  • Strong interpersonal skills and ability to develop deep relationships of trust with IT and business stakeholders
  • Business Knowledge: Working knowledge of the Property & Casualty insurance industry especially the key business drivers and risk factors
  • Excellent communication skills, both written and verbal with ability to articulate complex IT risks in simple business terms
  • Strong business awareness, sound reporting skills and the ability to work under your own initiative
  • A relevant professional qualification (i.e. CA, IISP, CISA, CISSP, CIA or CISM)
  • Excellent communication and presentation skills
  • Keeps up to date with Information Security current affairs relating to information security, business continuity, data management, security and encryption, vulnerability analysis and audit
  • Provide AMP with a thorough understanding of its IT risk and security profile

15 IT Risk Manager resume templates

1

IT Risk Manager Resume Examples & Samples

  • 6) Provide control commentary into IT Risk reporting on key services, audit, risk and regulatory issues and attend any appropriate IT and Business Risk committees. Ensure that the IT Operational Risk metrics, assessments and reporting are in line with the expectations of the UBS Group and that they are supplied with the correct data and that effective risk
  • 7) Maintain an external network with other senior IT Risk professionals as well as applicable risk forums/bodies
  • 8) Undertake proactive thematic risk reviews in order to proactively identify risk issues and act as an SME reviewer of technical risk assessments covering the functional area
  • 9) Liaising with internal and external auditors
  • 10) Liaising and partnering with our IT ORM peers covering other CIO areas, as well as Information Security and Legal & Compliance organisation to ensure complete risk profile understood
  • The successful candidate will need to develop strong client relationships within those IT functions it is supporting as well as relationships with key stakeholders (e.g. business owners) across UBS Group. The ability to work with and communicate / report to senior management is especially important
  • The successful applicant will need a variety of skills to ensure that the role is a success: excellent problem management skills, strong organisation skills; ability to communicate with different levels of seniority as well as ability to communicate IT issues in business language; the ability to network well and get on with people; solid experience with handling management information and metrics – design, collection, analysis and senior management reporting; a strong focus on delivery; and experience of a project environment. IT Risk knowledge is an advantage along with the corresponding qualifications (CISSP, CRisk or equivalent) but not essential, training will be provided. Experience of an IT Service Delivery Methodology such as ITIL, COBIT, and 6 Sigma would be an advantage
  • As this role is focused on Information Technology within a Banking environment, candidates who come from this background will be able to add value to the team more swiftly. This is not, however, a prerequisite. Training will be provided in the relevant regulatory aspects of IT Operational Risk and the appropriate tools and technologies
2

Senior IT Risk Manager Resume Examples & Samples

  • Line management responsibilities for a small team of direct reports
  • Assist in finding pragmatic, cost effective solutions to identified security and risk issues
  • Professional certifications in key technologies (e.g. CISSP/CCNA/CCSE/CEH/CHFI etc)
  • Extensive IT Risk security experience, ideally within an IT Environment in a large financial services organization and/or in consulting. Understanding of the impact of technology on banking systems, ideally with some Product knowledge, Fixed Income, Equities etc
  • Strong knowledge of Risk Assessment ‘methodologies’ and strong communication skills/ experience with facing demanding clients
  • Proven track record in delivery of quality IT Risk services to IT
  • Excellent relationship management and client focus skills
  • Excellent written, interpersonal and presentation skills
  • Ability to manage a team to deliver, including managing the team book of work
  • Degree in a scientific, computing, mathematical or engineering discipline or equivalent experience
3

IT Risk Manager Resume Examples & Samples

  • Evaluates alternative means of reducing the firm's exposure to catastrophic loss
  • Implements risk valuation models
  • Provides technical guidance to employees, colleagues and/or customers
4

IT Risk Manager, Banking & Capital Markets Resume Examples & Samples

  • A relevant professional qualification (i.e. CA, IISP, CISA, CISSP, CIA or CISM)
  • A proven track record of experience from either a big 4 practice, consulting or from within the Banking & Capital Markets sector
  • Subject matter specialism in a relevant area of technology
  • A strong personal network and the ability to play a role in the development of new business
  • Exceptional client relationship and consulting and/or assurance skills
  • Ability to manage across multiple complex projects
  • Strong business awareness, sound reporting skills and the ability to work under your own initiative
  • Risk and Regulatory Frameworks (ITIL, CobIT, ISO 27001, PCI-DSS etc)
5

IT Risk Manager Resume Examples & Samples

  • Service Management
  • Identity and Access Management
  • Threat and Vulnerability Management
  • Data Governance / Management
  • Project Assurance
  • Business Continuity Management and Disaster Recovery
  • A proven track record of experience from either a big 4 practice, consulting or from within the Banking & Capital Markets sector
  • Exceptional client relationship and consulting and/or assurance skills
  • Ability to manage across multiple complex projects
6

IT Risk Manager Resume Examples & Samples

  • Develop and implement a Line 2 IT Risk Management Framework, supporting the design on Line 1 control environment and build out risk policy and procedure
  • Work closely with the business to provide IT Risk advisory support, building strong stakeholder relationships to enhance risk assessment and above all, risk culture
  • Assess and effectively communicate the business' technology risk profiles
  • Support Line 1 in effectively monitoring and evaluating technical issues and incident management
  • Develop, review and implement technology self-assessments, and oversee the controls assurance process
  • Navigate the IT environment and associated risks, including internal systems, data storage, projects, digital channels, outsourced businesses, and 3rd Party agreements
  • Demonstrable extensive Operational Risk/Audit/Assurance experience
  • Must possess a technology/IT background and understand key IT Risk Management trends, ideally from a Line 1 or Line 2 risk perspective
  • Working knowledge of Financial Services/Banking industry
  • Demonstrates business partnering to drive risk maturity and the ability to be hands on & deliver
7

Senior IT Risk Manager Resume Examples & Samples

  • Provide day-to-day leadership direction and management guidance to the coverage team and serve as primary point of contact for any assigned IT Service group(s). Ensure the development of aligned Risk Management processes, procedures, reporting and activities. Lead and/or provide oversight to assigned initiatives to ensure successful completion and realization of benefits/objectives
  • Provide aggregated risk oversight for one or more high-impact areas of IT Services for core components of IT risk mitigation, governance, measurement and reporting activities. Actively engage in end-to-end risk remediation planning, resolution and monitoring activities, including Technology Continuity Management planning and testing activities. Collaborate with senior business and IT Services' leaders and other risk managers to resolve challenging risk matters
  • Be a trusted adviser, provide consultative services to IT Services group(s) to facilitate awareness, support and guidance of risk identification and migration strategies; interpret regulatory guidance to reduce risk. Advocate for BB&T’s risk culture throughout the IT Services group(s); promote and influence education for associates on sound risk management practices. Attend and participate in assigned IT Services group(s) staff meeting, audits and strategic projects to better integrate into the groups
  • Develop and maintain strong, positive working relationships and effective channels of communication with other risk associates, including those in Enterprise Risk Management, Operational Risk Management, associates in other control functions and Executive/Senior IT Services' management. Provide direction and guidance in the development, implementation and communication of risk-related policies and standards
  • Manage processes and assist on strategic risk initiatives that provide IT Services' and BB&T leadership with information needed to make informed risk management decisions within risk appetite/tolerances. Consult on projects in pipeline. Develop effective/valid reporting, working with peers to identify trends, emerging risk and key risk themes within IT Risk Management and across other groups and lines of business. Develop and deliver presentations and communications to senior leaders and Executive Management
  • Make team personnel recommendations regarding employment, career development performance evaluations, compensations and promotions within policy and guidelines
  • Evaluate key risk indicators and changes in risk profile, driven by environmental influencers, new business changes, assessment findings, etc. Demonstrate and share business acumen thorough understanding of industry risk drivers, emerging risks, and IT trends related to IT Services group(s)
  • Engage in pre- and post-project risk assessments and participate in other key risk assessments. Provide guidance and support in the proactive identification and mitigation of risk management practices in areas including Risk and Control Self-Assessments (RCSA), IT Risk Assessments, Application Portfolio Management Assessments, Vendor IT Risk Assessments, Disaster Recovery, Event Reviews and Application Criticality Assessments. Decision on, monitor and risk assess third-party and vendor relationships
  • Serve as a member of the IT Leadership Work Group and work effectively with peers and other (up to and including members of Executive Management)
  • Proactively develop and ensure efficiency of risk-based processes and programs to effectively align with and support business partners
  • Ensure that for the Federated IT Risk Management principles and concepts that risk associates understand their risks, have established and use proper metrics, tools and reporting, and can demonstrate their ability to manage their risks
  • Represent BB&T in key industry organizations, forums and other venues
  • Bachelor's degree in a financial-related discipline (e.g., Accounting, Business, Finance) or equivalent education and related training
  • Ten years of experience in a financial institution with emphasis on risk management or equivalent work experience and training
  • Extensive experience in IT risk and operations, including extensive knowledge of IT policy, procedures and regulations
  • Knowledge of key technology rules/regulations and IT risk management practices (e.g., Information Security, Business Continuity, Federal Financial Institutions Examination Council (FFIEC), Control Objectives for Information and Related Technology (CoBIT), Information Technology Infrastructure Library (ITIL))
  • Excellent leadership skills; excellent communication (verbal and written), presentation and facilitation skills
  • Ability to influence and communicate with impact
  • Excellent interpersonal and relationship management skills with ability to interact and communicate within all levels of organization and within public sector/governmental agencies
  • Excellent negotiation skills and highly collaborative planning ability, excellent diplomacy, tact, judgment, problem-solving and decision-making skills; effective use of delegated authority
  • Ability to successfully manage multiple projects and priorities concurrently
  • Strong work ethic, consistent follow through, and positive attitude
  • Demonstrated proficiency in basic computer applications, such as Microsoft Office software programs
  • Master's degree in Finance or Business equivalent
  • Professional designations such as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Project Manager (CPM)
  • Strategic business and financial planning experience
  • Experience with audit processes and techniques
  • Certification in process excellence and process improvement methodologies (e.g. Six Sigma or LEAN)
8

IT Risk Manager Resume Examples & Samples

  • Project Management: Project manage a portfolio of client engagements, which includes determining the project scope and resource requirements, monitoring progress against budget and established timeframe, review of work completed by junior team members and resolving all project issues prior to Partner, Director or Senior Management review
  • Client Service Delivery: Liaise directly with clients and internal teams to scope engagements, budgets and timeframes. Act as a point of escalation throughout an engagement with respect to project delivery matters. Identify and raise matters with a director or partner while exercising judgement within agreed parameters
  • Networking and Marketing: Act as an ambassador of the firm, participate in marketing events, keep abreast of the wide range of services the firm offers and suggest innovative products and services. Attend team meetings and represent the Technology Risk team at office and firm meetings as required
  • Personal Development: Develop the necessary skill set in core product streams and specialise in two of these areas by proactively staying informed of developments and marketing services
  • CISA qualified (Essential), and a professional qualification in finance such as ACA, ACCA or CIMA (desirable)
  • Experience of IT general controls and application control reviews in support of external audit engagements
  • Experience of supporting external audits of companies in a variety of sectors (for example, retail, manufacturing, financial services, technology or professional services sector)
  • Experience of auditing ERP packages such as SAP, Oracle & Dynamics AX
  • Excellent People Management skills and inspirational manager
  • Ability to identify and assess complex IT risks and controls and relate them to the requirements of a financial audit
  • Hands on experience of designing, performing and reviewing data analytics and controls testing
9

IT Risk Manager Resume Examples & Samples

  • Provide AMP with a thorough understanding of its IT risk and security profile
  • Champion technology risk, compliance and security frameworks and proactively conduct assessments of IT related risks
  • Apply the necessary dynamic tension to encourage mitigation of known IT risks
  • Develop a strong IT Risk awareness culture across IT@AMP
  • Produce regular IT risk reports to the IT Leadership team and various business risk and compliance committees
  • Ideally at least 5 years' experience in the development, and maintenance of IT risk frameworks
  • Demonstrated understanding of IT risk related legislation, regulations and standards (eg. ISO 27000 / 17799, COBIT, PCI DSS, GS007, APRA guidance statements)
  • Broad knowledge of IT risk and security trends
  • Tertiary qualifications in IT related field
  • Excellent communication skills, both written and verbal with ability to articulate complex IT risks in simple business terms
  • Strong problem solving aptitude, with good attention to detail
  • Strong interpersonal skills and ability to develop deep relationships of trust with IT and business stakeholders
  • Ability to run effective workshops/meetings and ensure that all stakeholders reach consensus
10

Senior IT Risk Manager Resume Examples & Samples

  • To contribute to the development, implementation and management of the Global Risk Framework, risk appetite, policies, procedures and management information requirements covering specifically IT risk
  • To help drive a proactive risk culture that is infused across the entire organisation
  • To drive provision and maintenance of an accurate and reliable IT risk profile, partnering with the Business areas to ensure identification of critical business processes, and to ensure that all key risks are properly identified, assessed, monitored, controlled and reported in a timely fashion. To ensure theming can be undertaken to highlight and drive prioritisation of systemic issues both regionally and globally
  • The definition and management of controls and processes and implementation of internal controls
  • To undertake independent assurance of the adequacy and effectiveness of the company's management of its IT risks, controls and processes
  • To contribute to the effective governance of risk. He/she will take an active role in regional risk committees, offering constructive challenge and helping to support the Committee fulfil its role and responsibilities. Will facilitate and encourage informed and constructive debate and challenge on key risk issues and ensure that management information is provided in an accurate, timely and clear manner, ensuring all activity is undertaken against a background of the agreed risk appetite
  • To lead, drive and embed best practice and pragmatic risk/control management across the organisation, demonstrating an understanding of the control weaknesses, driving remedial action plans to improve business and move towards the agreed risk appetite position
  • To alert senior management immediately of any significant changes to the IT risk environment, deteriorating exposures and counterparties and evidence of emerging risks
  • Manage the engagement with Internal/External Audit, ensuring consistency of learning and remedial actions. Drive timely resolution of internal and external audit points together with any issues raised by external auditors
  • Ensure reliable data is produced and that measurement/modelling of risks are refined to facilitate more complete analysis/evaluation of risk scenarios
  • Proactively manage, develop and maintain intra group relationships across the Three Lines of Defence to optimise results in areas of common interest
  • Experience across all risk types in a management capacity
  • A successful track record as an IT risk manager and good knowledge of the operational and regulatory complexities impacting the business from strategic, operational and change perspectives
  • Hands on experience of IT risk assurance and control frameworks
  • Gravitas and the capability to provide constructive challenge to the business and ensure IT risks are addressed appropriately
  • Strong analytical thinking and communication skills including the ability to research and understand complex processes and effectively communicate them to senior management
  • Demonstrated ability to perform process analysis and experience in designing controls
  • Experience in leading/delivering IT risk assessments and scenario analysis
  • Good stakeholder and relationship management skills at all levels
  • Personal integrity, the ability to lead a small team and take leadership of specific tasks and activities
  • Self-starter with the ability to deliver under pressure
  • Strong written and verbal communication skills with the ability to foster a collaborative working relationship with multiple areas and complex business lines
  • As this is a global organisation, the Senior IT Risk Consultant will be required to attend conference call meetings outside of normal UK office hours and take occasional international business trips
11

Senior IT Risk Manager Resume Examples & Samples

  • Assist OTRC to define and implement a New and Emerging Risk Program
  • As new initiatives and strategies are prioritized by technology – work with key stakeholders to ensure IT risk management priorities and overall strategy are represented
  • Remain aware of the regulatory environment/requirements around specific technologies – ensure new initiatives are not in conflict with regulatory commitments that are known or likely
  • As new and emerging risks are identified – represent OTRC, occasionally in a leadership role, to contribute to CAP planning and associated remediation efforts
  • Drive a predictive instead of reactive approach to new and emerging technologies, anticipating potential risk concerns prior to implementation
  • Persuade and influence senior stakeholders in other areas of Citi and occasionally external parties through outstanding communication and negotiation skills
  • Clearly articulate and present design solutions, rationale issues and tradeoffs. Message complex risk management enhancements into readily understood concepts and support senior management with the design and development of Regulatory materials
  • Oversee in-depth and sophisticated analysis with interpretive thinking to define problems and develop innovative solutions
  • Proactively advance best-in-class design approaches, solutions and develop recommendations of how to proceed with report and dashboard development
  • Develop effective working relationships with senior line management and peers across Citi
  • Demonstrates strong judgment, political astuteness, and sensitivity to cultural diversity
  • 15+ years of experience in an IS or Risk Management Role
  • The candidate must have a proven track record to present solutions to stakeholders and senior executives, lead brainstorming sessions, and estimate level of effort for projects and tasks
  • Effective negotiation skills, a proactive and 'no surprises' approach in communicating issues and strength in sustaining independent views
  • Ability to ask the right questions of business and technologists to resolve issues and make fast decisions
  • Experience with Cloud and Big-Data Technologies (e.g. AWS, Hadoop, Spark, Platfora, Datameer, RevoR, provider vs. tenant paradigm)
  • Experience with mobile-specific technologies and release challenges (e.g. GitHub, VA concepts, App Stores, M-SDLC)
  • Experience in Banking or Finance a plus
  • CISSP or CISM a plus
12

IT Risk Manager Resume Examples & Samples

  • Oversee 1LoD Risk and Controls
  • SME understanding all related Information Technology risk matters including assessment of appropriateness of 1LoD controls, implementation and associated risk management practices
  • Lead IT challenge and oversight activity of IT Risks faced by the business
  • To develop and maintain external and internal contacts to identify, evaluate and assess evolving Technology threats, opportunities to contribute to the resilience
  • Ensuring compliance with IT Risk and Controls Policies and Standards
  • Providing oversight of compliance with relevant regulatory and legal requirements as they relate to IT Risk and Controls
  • Protection of customer, employee and corporate confidential information
  • Facilitating the execution of IT Risk and Controls Strategic initiatives and projects
  • Determining priorities, sponsorship and investment requirements for regional initiatives
  • To provide expert input to IT related Governance, Assurance, Executive Briefings, Group initiatives
  • To define, manage and measure Information Technology related KRI's to support understanding of the risk profile
  • To develop and maintain effective relationships with senior stakeholders in the business to ensure that IT risks are maintained in line with risk appetite strategy and objectives
13

IT Risk Manager Resume Examples & Samples

  • Responsible for developing and implementing IT security and risk management frameworks and policies
  • Identify technology and information security risks and provide recommendations to the risk management process
  • Participate in IT audit, security and compliance activities through close collaboration with internal and external auditors
  • Lead all IT security efforts within the business and push for trainings and activities to increase IT security awareness of all staff across the business
  • Conduct regular reviews on vulnerability management, access controls, audit controls, information systems etc
14

IT Risk Manager Resume Examples & Samples

  • Managing Risk Services engagements end to end, specifically risk and control technology services which will include application security, GRC technology enablement, project risk management and supplier risk management
  • Support partners to generate new business opportunities and build client networks and relationships
  • Actively identify opportunities to better serve clients
  • Developing and maintaining productive working relationships with clients
  • Manage the financial aspects of client engagements and communicate significant issues, fees, and estimates-to-complete to partners and client
  • Preparation of reports and schedules for clients and other parties
  • Contribute to people-related initiatives including recruiting, retaining and training Risk professionals
  • GRC technology design, implementation, operation and assessment using one or more technology vendors such as SAP GRC, RSA Archer, MetricStream and/or Thomson Reuters
  • Process Risk and Controls Design, Implementation and assessment across core enterprise processes such as finance, supply chain, procurement etc
  • Project, program and portfolio risk management experience including benefits realisation, program assurance and portfolio optimisation
  • Application Security and Configuration
  • Governance, risk and compliance functional experience
  • Compliance system development and management
  • Risk assessment, mitigation and remediation
  • A strong self-starter with a high level of initiative
  • A Prince 2 or equivalent certification is also highly desirable
15

IT Risk Manager Resume Examples & Samples

  • Well developed sense of personal accountability
  • Demonstrable Operational/Non-Financial Risk Management skills
  • Experience of working in major projects in large financial institution
16

IT Risk Manager Resume Examples & Samples

  • Managing and coaching staff as they perform assessments to evaluate controls, security, SOD, and execute audit procedures
  • Leading the adaptation of a work program and practice aids
  • Reviewing and evaluating SSAE 16 reports from 3rd party providers
  • Interfacing with business and technology partners on projects as well as serving as an IT Risk Subject Matter Expert during the planning and execution of technology initiatives
  • Demonstrated audit or consulting experience in
  • A Master's degree in Information Systems, Computer Science or related IT Audit and Controls discipline
17

IT Risk Manager Resume Examples & Samples

  • Provide pragmatic advice to clients who are looking to drive value from their investments
  • Develop and maintain productive working relationships with clients
  • Develop and lead high performing, cross functional teams
  • Lead and manage teams in the delivery of IT governance and risk framework review and implementation support
  • Lead and manage IT Risk Assessment services across functions within clients' ICT environments relating to, but not limited to, governance, architecture, compliance, vendor management, service delivery, program and project management
  • Lead and participate in business development initiatives
  • Apply your knowledge and experience to shape our services and motivate the team
  • Effectively manage end-to-end engagements with a focus on delivering valuable outcomes that exceed clients' expectations
  • Present and facilitate both client and internal meetings and workshops
  • ICT Strategy, Governance and Compliance including technology enablement
  • ICT Service Management aligned to ITIL requirements
  • Managing or supporting an IT risk management function including the development/ maintenance of an IT Risk Management Framework and the performance of IT risk assessments across functions/services
  • Design or implementation of IT controls to mitigate risks across IT function areas
  • Third Party (including IT) Vendor Risk Management including supporting governance requirements
  • Understanding of regulations or standards/acts/better practice (e.g. Privacy, RiskIT, COBIT 5, ISO 31000, PCI DSS, etc.)
  • Excellent communication skills, demonstrated through effective written reports and presentations
  • Knowledge of current technological developments/trends in area of expertise
18

Risk-it Risk Manager Resume Examples & Samples

  • Assisting in the implementation of 3LoD initiatives for the team for 2016 and into 2017, resulting in a BAU operating model
  • Completing implementation activities during the course of 2016 and into 2017, working with colleagues in GTO Technology, CISO and GDM. This will range from
  • Information Technology Risk Management related experience preferred
  • Demonstrable Operational and Non-Financial Risk Management skills
  • Strong work ethic and sense of urgency in personal approach to problems
  • Mandarin speaking skills
19

GPB IT Risk Manager Resume Examples & Samples

  • Demonstrable expert knowledge in operational risk management, internal control, or internal audit preferably within a banking operations and / or IT Function
  • Proven project / process management experience with a solid delivery track record driving change
  • Strong communication and interpersonal skills to a wide range of individuals and groups and at different levels of seniority
  • Ability to drill down to root cause and write/review clearly articulated risk documentation
  • Self-starter and effective collaborator
  • Innovative and able to assess needs and propose solutions
  • Excellent time management skills
  • Ability to influence without direct management authority
  • Risk assessments and internal control monitoring
  • Proven experience of being a trusted friend
  • Local regulation knowledge
  • Project Mgmt and delivery skills
  • Understanding of particular risk in an environment: gpb-data privacy etc
20

IT Risk Manager Resume Examples & Samples

  • Research/gather information for the development/maintenance of global policies, including IT and acceptable use policies, and supporting documents
  • Work closely with policy stakeholders to develop and maintain policies that safeguard EY against the changing threat landscape
  • Interface with various stakeholders and functions to validate that policies are consistently implemented and reflected in their functions’ processes
  • Facilitate and participate in the policy review and approval processes
  • Contribute to IT policy awareness
  • Aggregate data from disparate sources into a holistic risk picture
  • Present risk metrics and information in meaningful business terms
  • An in-depth understanding of ISO 27002, ISO 27001, ISO 31000 frameworks and applying these frameworks
  • A working knowledge of policy frameworks such as ISO, COBIT and the Unified Compliance Framework
  • Experience in developing and executing reporting strategies
  • General technical knowledge of operating systems, databases, networks, and mobile and cloud computing
  • Experience with MS SharePoint, including development and maintenance of SharePoint sites
  • Experience with RSA Archer
  • Experience in communicating to all levels of management, clients and vendors
  • Five or more years of experience in the Information Technology, Information Security and/or IT Risk Management field(s)
21

IT Risk Manager, Payments Resume Examples & Samples

  • Partner with product teams, compliance and operations to identify, define, and solidify an appropriate IT risk and controls framework for payments entities which includes identifying key controls, testing, and remediation
  • Conduct and/or coordinate risk assessments for technology, compliance, and security frameworks
  • Execute projects to close gaps
  • Translate legal requirements, internal policies, and best practices into controls
  • Facilitate multiple stakeholders to agree on appropriate solutions and verify that risks are mitigated appropriately. Verify that required compliance controls are baked into new products
  • Perform deep dives on compliance-related processes and systems
  • Stay abreast of innovative business and technology trends in payments governance, risk, and compliance and advise leadership on technology initiatives
  • Partner with product, technology and compliance teams to define and implement new compliance business requirements within supporting systems
  • 7+ years progressive experience in IT audit, information security, and/or privacy
  • Excellent leadership and communication skills (verbal and written)
  • Ability to collaborate with business partners in setting business goals and objectives
  • Knowledge of risk assessment methodologies, IT policies and standards, awareness, and training
  • Understanding of modern transaction processing environments is a plus
  • CISSP/CISA
22

IT Risk Manager Resume Examples & Samples

  • Risk Identification – Oversee, manage, report and provide transparency on ITEC’s Risk Identification process including its Annual Risk Control Self Assessments (RCSA), and the Information Systems Security Program (ISSP), led by SAFE. The IT Risk Manager shall also follow, track and report on risk identification efforts by Internal Audit and provide visibility on all audit points related to risk
  • Risk Measurement – Utilizing the methods defined by SAFE and the Enterprise Risk Committee, the IT Risk Manager shall be responsible for collection, analysis and dissemination of relevant data for measurement of risk, inclusive of outages (incidents, problems), outage time, outage resolution, and operational financial losses
  • Risk Mitigation – SG has a comprehensive program to define its annual priorities for investment in Information Security. This role shall be responsible for liaising with the relevant actors, local and global, and applying its priorities specifically to the IT Americas area
23

IT Risk Manager Resume Examples & Samples

  • Assist in defining and documenting team roles and responsibilities
  • Assist in the development of management dashboard reporting to track progress of key deliverables as well as monitoring of key performance and risk indicators
  • Monitor and ensure “at risk” metrics or past due program deliverables are reported, escalated and plans developed to remediate issues
24

IT Risk Manager Resume Examples & Samples

  • Shares complex information related to areas of expertise
  • Develops and socializes Risk Strategy and Roadmap for Claim
  • Proposes and drives initiatives in support of risk strategy
  • Represents Claim at the Enterprise Risk Counsel
  • Identifies and Manages Risk for Claim
  • Tracks progress and measures level of risk on ongoing basis (Top 10 Risks)
  • Communicates Claim Risks at the Enterprise level advocating for solutions
  • Assist BISO in Security Incident Management by assessing and assigning risk level
  • Accountable for Access Validation Recertification (SailPoint campaigns) for all applications in scope
  • Accountable for maintenance of Disaster Recovery and Business Continuity plans for all of Claim
  • Accountable for the execution of the annual Entity Risk and Fraud Assessment (ERFA)
  • Accountable for metrics and reporting for the team
  • Technical Knowledge: A solid understanding of current technology capabilities, and a keen interest in staying abreast of emerging technology trends and opportunities. In-depth knowledge of Risk Framework and industry best practices around Risk Management. Solid understanding of SDLC and supporting methodologies. Proficient user of RSA Archer
  • Business Knowledge: Working knowledge of the Property & Casualty insurance industry especially the key business drivers and risk factors
  • Communication: Effective written and verbal communication, from technical team direction to senior management presentations, and a demonstrated adaptive style for gaining the engagement, cooperation and commitment of others
  • Problem Solving and Decision Making: Demonstrates outstanding analytical and diagnostic skills when dealing with complex issues and uncertainty, and the ability to make sound decisions quickly while carefully evaluating risks and alternatives before taking action. Possesses strong negotiation and collaboration skills, and effectively consults and communicates with key stakeholders regarding critical decisions
25

IT Risk Manager Resume Examples & Samples

  • Own and administer client GRC system. Using this system, collect and track IT security risks
  • Own and operate the third-party risk management program, including collecting and reviewing information and artifacts from third-parties, analyzing risks, presenting findings to CELERITY business teams, and supporting negotiation of any necessary contract security provisions
  • Manage oversight of and promote timely remediation of IT security risks. Establish an effective approach to collaborating and communicating risk with business and technical stakeholders to ensure remediation milestones are met. Success requires an understanding of the processes used and challenges faced by those directly responsible for remediating risks, and the ability to effectively negotiate and collaborate with those teams to establish mutually acceptable timelines and then ensure milestones are met
  • Benchmark risk management practices of comparable organizations, monitor the legal and regulatory environment, and manage the CELERITY Risk Management program to appropriately incorporate best practices and relevant regulatory requirements
  • Work with business and technical stakeholders to facilitate IT risk analysis and risk management processes and identify and track acceptable levels of residual risks through appropriate risk acceptance processes
  • Analyze risks and generate metrics that drive management and minimization of overall portfolio risk. Report regularly on risk management status, trends, and opportunities for reducing risk. Supervise a small team of risk analysts
  • Bachelor's degree with a focus on IT or IT-risk-related disciplines (e.g. security, privacy, compliance); past financial services industry experience a plus
  • CRISC or a similar risk management certification is a plus
  • Solving problems through effective collaboration and development of effective working relationships across business and technical teams
  • Success as a persuasive negotiator, to reach consensus on differing views of risk and to facilitate commitment on remediation strategies, milestones, and risk acceptance where appropriate
  • A solid understanding of the nature of IT risks across multiple IT disciplines (e.g. systems and servers, desktops, network, software development, cloud, etc.)
  • The use of tools such as Excel to analyze and aggregate risk data
  • Strong written and verbal communication skills with the ability to communicate in a compelling manner with business and technical stakeholders in one-on-one as well as group presentations
  • A strong attention to detail; well organized and thorough
  • Successfully handling competing priorities
  • Excellent planning skills
  • Experience managing compliance with FISMA, NIST SP 800-53, PCI-DSS, and DOJ CJIS is a strong plus
  • Experience with RSAM
26

IT Risk Manager Resume Examples & Samples

  • Provide technical expertise and direction in the areas of internal controls evaluation for a variety of assessments (SOX, EU Privacy Shield, PCI-DSS, etc.) including all phases of planning, evaluation, documentation, testing and remediation
  • Accountable for the development and delivery of standards, best practices, policies, and oversight programs to ensure effective controls across the enterprise
  • Develop and establish IT risk reporting against established enterprise risk metrics
  • Manage and carry out varying security risk assessments, providing advisory support to business contacts on the evaluation of risks, development of risk responses, and work with stakeholders to define and implement process enhancements as needed
  • Oversee IT regulatory compliance programs, including SOX and Global Privacy
  • Communicate information security risk, compliance gaps and other security issues in a business context, translating technical risks into business risks
  • Liaise with other internal departments as needed to ensure business continuity and disaster recovery plans are connected
  • Train and mentor staff as needed
  • Minimal travel as needed
  • Additional risk management activities as needed
  • Ability to define and communicate risk in business-relevant language
  • Proven experience building an IT Risk Management framework
  • Ability to be independent and self-directed
  • Ability to react to high-pressure, dynamically changing environments
  • Ability to train risk concepts to non-technical people
  • CRISC or CISA preferred
  • In depth knowledge of IT Risk Management practices
  • Broad knowledge in analyzing and applying information security, risk management, and privacy practices or policies
  • Strategy definition or program management experience preferred
  • Threat, vulnerability, and risk assessment experience
  • Successful history working with auditors
  • Knowledge of national and international regulatory compliances and frameworks such as SOX, EU Privacy Shield, and PCI DSS
  • 10+ years of experience in IT roles, including interactions with senior leadership
  • 5+ years of experience leading IT risk management
27

VP IT Risk Manager Resume Examples & Samples

  • The implementation of an efficient IT Risk Management framework within his entity in charge of IT activity, whose components are derived from the Level 2 procedure ‘Risk ORC / ORC IT Risk Measurement and Management – Risk ORC / ORC IT Missions and Responsibilities’ and from the Level 2 procedure ‘Oversight of Risk ORC / ORC IT organization and Governance’. The operational management of IT risk by assessing and appropriately treating the risks
  • Creation and Maintenance of new policies and procedures, enhance the existing policies, procedures and IT Risk requirements (structure/program) as needed
  • Ensuring existence of the appropriate IT organization structure in forecast/ESOP
  • The follow-up (and production of regular reporting) of Métier/Region IT recommendations implementation (e.g. IG/Regulator/External/Permanent Control actions/Independent consultant) including the reminder to the implementation manager and the escalation at Métier/Region level in order to meet the Group objectives
  • Investigate and record Historical and Potential IT Incidents. Ensuring the proper collection and analysis of IT historical incidents and the validation of Métier/Region IT incidents before the input in the dedicated Group system, based on CIB standardized criteria
  • Contribute to the definition and follow-up of associated action plans in addition to regular reporting
  • Coordinate the bi-annual input of the CIB standard IT OPC control plan results and the main points of attention related to the IT activity processes for the Function/Métier/Region in a Permanent control report
  • Centralize and consolidate all information related to IT domains including those that are not directly under his direct responsibility. Validate the report with the IT Métier/Region management
  • Organize Function/Métier/Region IT risk committee at least twice a year (according to Risk procedures)
  • Identify Métier/Region IT risks, perform the follow-up of those IT risks in CIB Archer, and ensure the analysis and evaluation of the underlying risks (via the mapping and analysis of historical incidents that have an IT cause). Manage IT risk by assessing and appropriately treating the risks
  • Contribute to the quantification of IT Métier/Region potential incidents (for AMA entities)
  • Coordinate all IT permanent control actions for the Métier/Region to ensure a complete and efficient IT Risk Management Framework
  • Bachelor’s degree in Computer Science. MBA preferred
  • Professional certifications CRISC, CISA, CISSP, CISM, CGEIT or CIA preferred
  • Minimum of 7 to 9 years of related experience in IT Audit, Information Technology Risk and Control, Information Security, Information Technology, Governance of Information Technology, or a related field
  • Experience in developing processes, implementing controls, writing or working with information security and technology policies or procedures and liaising with IT and Business personnel (at all levels)
  • Strong communication skills, both verbal and written; diligent, detail-oriented and proactive
  • Experience with Archer system; or a similar Governance, Risk and Compliance Tool (GRC Tool)
28

IT Risk Manager Resume Examples & Samples

  • Bachelor’s degree in Computer Science is mandatory. MBA preferred
  • Minimum of 7 to 9 years of related experience in IT Audit, Information Technology Risk and Control, Information Security, Information Technology, Governance of Information Technology, or a related field is mandatory
  • Experience in developing processes, implementing controls, writing or working with information security and technology policies or procedures and liaising with IT and Business personnel (at all levels) is mandatory
  • Familiarity with COBIT, ITIL, FFIEC, ISO/IEC 27001, ISO/IEC 9001, ISO/IEC 20000, SEC, SOX, GLBA, FINRA, Dodd-Frank and other related control frameworks or legislation and regulatory sources is a plus
  • Strong communication skills, both verbal and written; diligent, detail-oriented and proactive (mandatory)
  • Good organizational skills, project management and ability to manage multiple tasks simultaneously
  • Ability to work effectively, independently and within teams, to achieve management objectives
  • Proactive and eager to take on new tasks and challenges
  • Ability to identify and propose opportunities for process (and control) improvements
  • Ability to lead meetings and forward discussions, carry out day-to-day operational work while thinking and planning both tactically and strategically
  • Demonstrates persistence, poise and perseverance, and is able to complete deliverables and accomplish goals and objectives under pressure and within set timelines
  • Proficient in MS Office (specifically Excel, PowerPoint, Word), Visio, SharePoint
29

Risk-it Risk Manager Resume Examples & Samples

  • Assisting in the implementation and operationalization of the IT Risk function through delivery of key initiatives and the establishment of the APAC operating model
  • Analyse regulatory, audit and 3LoD program requirements to structure a control framework for IT Risks in scope
  • Completing implementation activities ranging from CTB to RTB programs, working with colleagues in core COO Technology, CISO and GIRM and CDO. This will range from
  • Minimum of 5 years of related experience, preferably in financial or consultancy firm
  • Must be able to work effectively in English and Mandarin (both written and spoken)
30

Senior IT Risk Manager Resume Examples & Samples

  • Develop and maintain an IT Risk Program to identify, manage, and control IT risks within the business enterprise
  • Design and perform IT risk assessments on concepts, solutions, products, services or processes
  • Identify appropriate information security requirements and controls based on current and future risks, policies and architecture
  • Design and maintain an IT Risk Register for the enterprise
  • Develop a third-party assurance program for the organization and ensure third-parties meet acceptable information security and compliance standards
  • Review and negotiate third-party contracts for information security, compliance and data protection measures
  • Responsible for the successful implementation and maintenance of IT Compliance programs, such as SOX, PCI, and data protection
  • Provide consultation and advisement to the business and project leads around data protection, risk management, compliance initiatives, information security and IT risks
  • Facilitate assessment of and compliance with information security regulatory and legal requirements
  • Develop key Information Security, Risk and Compliance reporting metrics to ensure progress on these programs is managed and understood by leadership
  • Lead small-medium security projects and implementations
  • Performance of other duties and responsibilities as assigned
  • 5-7 years Information Security, IT General Controls, Compliance, IT audit and/or Security Risk Management
  • 3 years leadership experience, including consensus building, and ability to effectively work with cross-functional teams and resources to address competing priorities
  • Experience with internal project consulting to provide security requirements and guidance
  • Demonstrated experience with regulatory and legal requirements (e.g., PCI, SOX, HIPAA etc. requirements)
  • Knowledge of security & risk frameworks, standards and best practices (i.e. PCI, ISO, ITGC, COBIT, COSO, CMM)
  • Strong communication, documentation, presentation and facilitation skills
  • Strong project management skills, analytical skills and attention to detail
  • Ability to translate a business agenda into technology terms
  • Strong knowledge in Process Improvement
31

AVP, IT Risk Manager Resume Examples & Samples

  • Bachelor's Degree in Business or Technology area or equivalent experience
  • 5+ years in IT Infrastructure, Development or Production Audit Services
  • Industry certifications such as Certified Information Systems Auditor (CISA) and Certified Information Systems Security Professional (CISSP) -- a plus
  • Demonstrated use of data analysis software, audit management software and continuous audit solutions
  • Ability to establish credibility and working relationships with a wide range of corporate personnel, including operations, management, executive and legal staff, as well as with external personnel, including external auditors and regulators
  • Proven IT leadership and staff development skills in a regulated industry
  • General knowledge of data center operations, telecommunications, network engineering, data center applications, client/server computing, and production operations support
  • General knowledge of business theory, business processes, management, budgeting and business office operations
  • Demonstrated expertise in project management
  • Proven experience in writing audit reports for different audiences -- the audit committee, CIO, CTO, C-suite members and auditee teams
  • Proven experience of working in technology environments, including information security, encryption methods, privacy-based solutions, and solutions for backup and recovery
  • Extensive experience in risk-based audits
32

IT Risk Manager Resume Examples & Samples

  • IT Risk and CyberSecurity
  • IT Regulatory Compliance
  • External IT Audit support
  • Graduate preferred with a Bachelor’s degree in Technology or Engineering
  • In depth experience of IT Infrastructure and systems security
  • Sound understanding of IT Systems Audit and controls
  • Strong project management background (PMI certification preferred)
  • CRISC (Certified in Risk and Information Systems Control) certification preferred
  • Certification or hands-on experience in Microsoft Productivity tools and platforms (AD, Exchange, Azure equivalents)
  • Keeps up to date with Information Security current affairs relating to information security, business continuity, data management, security and encryption, vulnerability analysis and audit