IT Risk Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the it risk job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.

USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.

SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Create a Resume in Minutes

B Gusikowski

Brooklyn

Gusikowski

6038 Kreiger Underpass

Philadelphia

+1 (555) 366 4389

6038 Kreiger Underpass

Philadelphia

Phone

p +1 (555) 366 4389

Experience Experience

New York, NY

Senior.group Mgr, IT Risk Mgmnt

New York, NY

Kuhn, Morar and Olson

New York, NY

Senior.group Mgr, IT Risk Mgmnt

Conduct training/workshops to ensure that stakeholders understand and contribute to the risk management process
Conduct and lead a technology root cause analysis program and drive improvement resulting from the findings
Establish risk control processes and procedures
Collaborate with senior business risk managers and key stakeholders to validate technology’s portion of their risk appetite
Create a financial services industry-leading automated control testing solution
Develop an IT risk reduction and awareness program
Develop technology risk response action plans used to mitigate risk factors identified during risk assessments

Philadelphia, PA

Director, IT Risk Domains

Philadelphia, PA

Bradtke-Rogahn

Philadelphia, PA

Director, IT Risk Domains

Provide focus and clarity in establishing individual goals, driving performance management, supporting career development and rewarding strong performance
Demonstrate a collaborative work ethic and enterprise-wide mindset in the performance of duties
Manage scenario analysis across the domains
Oversee the development of domain measurement and monitoring policies and practices
Leverage the value in unit, department, and enterprise-wide teams to develop better solutions and achieve optimal enterprise-wide results
Provide advice on escalated IT risk policy and risk mitigation issues
Accept and successfully execute change while supporting employees through the process, and keeping them focused on business priorities

present

Chicago, IL

Director IT Risk, &TS, Europe & Asia

Chicago, IL

Douglas, Cummerata and Langworth

present

Chicago, IL

Director IT Risk, &TS, Europe & Asia

present

Act as the Centre of Expertise for IT Risk best practices managing key business platform executive relationships in the assigned region
Oversee and guide risk assessment activities in the region according to regional priorities
Advise and assist first line of defense in IT Risk mitigation planning activities
Establish effective monitoring practices to ensure adherence to the IT risk management framework and policy and assist business in the identification of issues
Liaise with industry peers to develop insights into leading IT Risk management practices
Global and regional scope and impact
Produce quarterly reports to business senior management and IT VP/SVP on the assigned region’s IT Risk profile including application, infrastructure and third party

Education Education

Bachelor’s Degree in Business

Emory University

Bachelor’s Degree in Business

Skills Skills

Possesses strong analytical skills and has a thirst for knowledge (i.e., highly inquisitive)
Experience with DLP and cyber security tools and methods. Knowledge of security controls for handling of Personally Identifiable Information (PII) data
Ability to build strong and productive working relationships with staff at all levels across the company
Ability to maintain high ethical standards with a drive to achieve the right answer in difficult and/or ever changing situations
Strong influencing skills coupled with technical risk management expertise. This also includes a mature business approach to problem solving, conflict resolution and influence
Experience in implementing, enhancing and successfully managing an Internal Audit or SOx function with a global multinational company with a highly complex matrixed environment
Experience managing executives and cross-functional teams, including people development skills and leadership qualities. International experience and ability to work across cultures
Prior experience in IT Risk Management, Privacy Impact Analysis, or IT Audit Methodology strongly desired
Good understanding of security protocols and authentication schemes
Excellent organizational, written, presentation and verbal skills

Create a Resume in Minutes

15 IT Risk resume templates

Read our complete resume writing guides

North Asia IT Risk Administrator Resume Examples & Samples

Support risk managers in coordinating regulatory inspections, RFI, industry consultations and routine BAU activities
Organize meetings and materials including presentations, agenda, minutes of meeting, and executive summaries
Create project documentation such as scope, risk, issues, and plans
Create & produce periodic status reports
Manage project documentation in sharepoint or share drive
Monitor project progress and highlight possible delays or/and problems to the Risk Manager; and
Provide support to Risk Managers as required

Director, IT Risk Domains Resume Examples & Samples

Strategic Oversight and Challenge
Act as a resource to the regional and platform specific Directors, IT Risk, and IT and business senior management, utilizing broad knowledge across the domains, to support the development of risk mitigation solutions
Represent the domains for IT Risk providing independent oversight and challenge and provide support to the first line of defense senior management operating teams
Determine root cause of IT risk issues and triage to appropriate Senior Manager, IT Risk Domain for analysis and recommendations
Ensure overall consistency and a balanced approach is achieved and maintained in the development of policies across all domains
Ensure that the risk profile is fairly presented in ongoing reporting and escalate to senior management when the risk profile is at or near risk appetite
Work with the Directors, IT Risk and executives and senior management on escalated issues and to enhance their ability to anticipate and manage domain risks effectively
Oversee the monitoring of comprehensive domain risk appetite frameworks, policy, and control standards that align to industry practices and current and emerging regulatory requirements
Oversee effectiveness assessments and analysis of results of third party audit reviews
Manage scenario analysis across the domains
Recommend new policies based on current awareness of changes to industry standards and threat landscape relative to the domains of expertise
Oversee the development of domain measurement and monitoring policies and practices
Advise on the development of standards by the first line of defense to ensure policy alignment
Provide advice on escalated IT risk policy and risk mitigation issues
Risk Awareness
Oversee the promotion of IT risk management as an embedded discipline across the domains
Provide guidance to Communication/Training and Awareness teams on the development of domain related training and communication to ensure consistency across the domains
Undergraduate degree in Information Technology
A minimum of 10 years of experience in a progressively responsible role in one of the domain areas (Disaster Recovery & IT Continuity, Infrastructure, Data Quality, Performance & Scalability, or Change Management and Development Practices) within a global financial services organization
Solid understanding of the industry control environment within the various domain areas
Strategic mindset, with excellent knowledge and understanding of the financial industry
Enterprise-wide scope and impact
Keep apprised of changes to industry standards and threat landscape relative to the domains of expertise in order to make changes to policy
Large impact to the organization as oversees the provision of subject matter expertise in the management of IT Risk related to domains

IT Risk Policy Specialist Resume Examples & Samples

Help oversee annual/bi-annual reviews of 15 policies and approx. 500 standards, along with their associated procedures
Work closely with policy/standard owners and their working groups to oversee the writing and revision of documents as they come up for annual and bi-annual reviews. Once onboard, candidate will be required to develop a thorough comprehension of all ITRSM policies and standards, with a strong understanding of their various interrelationships
Interface with the 30-members of the IT Risk and Compliance (ITRAC) Steering Committee, which provides decision-making and guidance for the policies and standards program
Maintain responsibility for input and export of information in the online policy system
Participate in current efforts to revamp ITRSM policy/standard workflow
Conduct searches for policies, standards and procedures for document requests and other purposes
Help prepare routine presentations on policies to senior management (IT Risk Leadership team)
Minimum of 10 years of relevant experience in the financial industry
Experience in compliance and/or regulatory management
Excellent writing skills including the ability to draft policy-level documents
Thorough knowledge of MS Word, including use of its ‘Review’/’Tracking’ features
Intermediate-level user of Excel and PowerPoint
Strong knowledge of MS Sharepoint
Must be able to cope with changing priorities. Ability to interface with varying levels of staff and management to achieve an understanding of the business needs

Head of IT Risk TIS Resume Examples & Samples

Management of the IT risk assessment book of work for TIS and the America's region
Evolve the current service offerings from a focus on Information Security to include broader holistic operational risks relating to Technology
Build and manage a highly motivated, skilled team, developing talent and human capital
Provide input to the change management of key CS Policy and standards relating to IT Risk
Risk governance deliverables for the Americas region – ensuring risk content is the focus and delivered for major risk governance bodies as defined by the IT Governance framework
Support the development and communication of a comprehensive IT risk management strategy aligned to Op Risk, Business and IT strategies
Work closely with the 2nd line of defence lead for TIS Op Risk and America's Op Risk to ensure a holistic approach
Chair/participate in regional industry committees/forums to maintain awareness of trends and best practices, share the leadership/direction of the firm, and monitor changes in applicable regulatory requirements to enhance internal plans
CS and Industry wide knowledge of Information Security and Operational Risk management, specifically Technology related risk and the overall banking businesses in which CS operates
Depth of knowledge of IT technology and experience in managing and/or delivering IT service to be ‘practical’ in reviewing and recommending risk mitigation measures in a realistic IT environment
Proven track record in successful engagement with senior IT and Business personnel
An understanding of the impact of technology on banking systems, with business product knowledge a plus
Strong people leadership with a proven experience in building, managing and developing teams across multiple regions
Strong communicator with ability to build and maintain relationships to facilitate high quality
Demonstrated knowledge of the regulatory environment and engagement with key Regulators
It would be an advantage to also meet the following
Motivated and passionate SME in Information Security and Technology Risk Management
Professional certifications in key risk management or technologies
Proven Director level experience and track record of delivery of major technology risk related programs

IT Risk Assessment Resume Examples & Samples

Work with the Morgan Stanley-identified managed service provider to execute and complete Asset Assessments
Independently execute and complete Asset Assessments when required
Lead workshops to educate system owners and developers to share information about the NAC and ARA programs
Work with relevant subject matter experts to maintain consistency and accuracy of various technology controls as implemented within the Asset Assessment
Ensure any identified risks are properly prioritized and addressed through the risk reporting process (RADAR)
Perform quality assurance reviews on the asset assessments produced by the managed service provider and other team members
Draft summary reports highlighting the statuses of various ongoing reviews involving asset assessments
Support the managed service provider and team members during the asset review process where risk-related information may be derived from other sources(IPRAM, ILM, DNA)
Support maintenance of the NAC and ARA process by participating in revisions to the processing and data collection changes and changes to the GRC software platform (currently Archer)
3 to 5+ years of technology / information risk work experience
Solid understanding of technology & data and information security risks
Experience performing risk and control assessments at large, financial services institutions
Excellent oral, verbal communication, interpersonal and presentation skills required
Proven written communication skills on a technical and managerial level
Ability to handle confidential matters with discretion
One or more industry certifications (e.g., CISSP, CISM, CISA,CRISC)
Public Accounting (Tech) experience (e.g., risk assurance, external audit)
Familiarity with ISO 27001, COBIT, ITIL, Banking regulations (e.g., FFIECGuidebooks)

IT Risk Transformation Manager Resume Examples & Samples

SAP ECC security governance, design, configuration and testing
SAP FI/CO, SD and/or MM experience
Functional risk and controls experience for Source to Pay, Material to Inventory, Order to Cash and/or Record to Report; and/or
Integration experience with ECC, focused on IT infrastructure or process performance improvement
Continuous monitoring enabled by SAP ECC, SAP GRC or SAP BI, including governance; design; configuration and testing; integration between SAP and non-SAP solutions; OR data analytics using ACL or MS Access; and
Consumer Products, Life Sciences, Power and Utilities, Healthcare, OR Media and Entertainment industries

Director, IT Risk Resume Examples & Samples

Undergraduate degree in business
A minimum of 8-10 years of experience in progressively responsible IT risk management roles in a global financial services organization
Solid understanding of the Insurance and Technology & Operations business platforms, and business content experience within that platform
Well-developed impact and influence skills

Manager, IT Risk Policy Resume Examples & Samples

Develop and own policy roadmap including new deliverables and scheduled reviews in compliance with established review dates
Engage with Policy Forum to validate schedule setting priorities and obtaining committed resources to participate in working groups
Conduct a business needs assessment for all ad hoc document requests to provide a systematic approach for determining the current gaps and potential impacts
Schedule document development and maintenance to ensure work items are appropriately prioritized and resourced
Develop and recommend enterprise IT Risk policy documents to manage information technology, information security and related risks. This is a combination of new policy and integration of existing policies where appropriate
Ensure IT Risk policy and control standards are aligned to industry standards and key information technology/ information security legislation/regulation. This alignment is to be conducted as existing control standards are reviewed or as new ones are developed
Manage the storage of IT Risk policy documents in appropriate library systems, e.g. PPL, SharePoint, Archer
Enable the publication of approved IT Risk policy documents on the Privacy & Security website
Optimize existing documents as they are reviewed so that they are easy to read and understand. Ensure documents present the content in a consistent, easy to scan format
Manage the document management process and schedule for IT Risk policy documents to ensure the process remains relevant and the review is executed as per the timing identified in the Review Schedule
Develop a series of topical Views that encompass and clarify the related IT Risk control standards as identified by the IT Risk advisors and IS Consultants
Develop corresponding communcation requirements for new and updated policy documents and work with communication partners in developing communication plans; provide subject matter expertise and direction for IT Risk strategies and awareness initiatives
Particiate in transformation initiatives to develop an automated and integrated, efficient and consistent GRC approach to policy
Provide 2nd line support for the IT Risk Advisors and IS Consulting team with respect to policy/control standard challenges raised by the business
Support IT Risk Advisors and IS Consuting team members in policy document implementation and monitoring strategies, plans and tools needed to meet all IT-Risk related regulatory requirements, governing laws and other applicable laws and regulations globally
Provide central enterprise-level point of contact and coordination for IT Risk policy document management
Establish and maintain constructive working relationships with 1st and 2nd line of defence in policy management
Negotiation skills, teamwork and co-operation
Knowledge of banking regulation
Project planning and implementing skills

IT Risk Transformation Manager Resume Examples & Samples

Continuous monitoring enabled by SAP ECC, SAP GRC or SAP BI, including governance; design; configuration and testing; integration between SAP and non-SAP solutions; OR data analytics using ACL or MS Access
Consumer Products, Life Sciences, Power and Utilities, Oil and Gas, Technology, Healthcare, OR Media and Entertainment industries
Security and risk standards including COBIT, COSO, ITIL, ISO 2701-2, PCI DSS, OR NIST

IT Risk Team Lead Resume Examples & Samples

IT knowledge and experience at (applied) university-degree level
Minimum of 7 years’ demonstrable experience in IT-risk management within large and complex organisations
Minimum 2 years experience in leading specialist teams
Sound knowledge of and experience with IT development (scripting, automation, scrum/dev-ops, etc)
Fluency in English and preferably Dutch (orally and written)

IT Risk Section Manager Resume Examples & Samples

Coordinates and oversees the implementation, monitoring and/or management reporting of the IT Risk Management Program
Leads team responsible for maintaining technology risk/control framework and assessment program to ensure alignment with industry risks, trends, new technologies and new/changes in regulatory requirements
Assists lines of business with development of risk remediation plans and monitoring to ensure timely completion and that residual risk is acceptable by management
Manages IT risk advisory engagements for lines of business (primarily IT Services) including planning, assessing and reporting
Provides IT audit/regulatory/legal portfolio management oversight services to include coordination, scheduling, consulting, monitoring and reporting
Provides direction, coaching and mentoring for assigned professional staff regarding employment, career development and performance evaluation in accordance with Bank guidelines
Bachelor's degree in business, computer science or related discipline or equivalent education and related training
Six years of IT risk management and/or IT auditing experience
Advanced understanding of IT Control Frameworks such as COBIT, ITIL and COSO
Advanced knowledge of IT auditing practices and regulatory requirements including GLBA, PCI, ITIL, etc
Strong team-oriented interpersonal skills and ability to achieve mission oriented and valued-based results
One or more professional certifications such as CISSP, CISM, CISA or CRP
Thorough understanding of network topology and associated risks
Oriented with judicial process associated with eDiscovery cases

IT Risk Consultants Resume Examples & Samples

IT Assurance/ Audit - including the execution of evaluating and design of IT controls (e.g. application & general controls) in support of an external audit
Internal audits – including the execution of audits of IT processes against leading practice IT risk and security frameworks and common standards (e.g. CoBIT, ITIL, ISO 27001/02)
Service Organisation Controls Reporting and agreed upon procedures reviews against standards such as ISAE/ASAE3402/ SSAE16

Manager, IT Risk Policy Resume Examples & Samples

Develop corresponding communication requirements for new and updated policy documents and work with communication partners in developing communication plans; provide subject matter expertise and direction for IT Risk strategies and awareness initiatives
Participate in transformation initiatives to develop an automated and integrated, efficient and consistent GRC approach to policy
Support IT Risk Advisors and IS Consulting team members in policy document implementation and monitoring strategies, plans and tools needed to meet all IT-Risk related regulatory requirements, governing laws and other applicable laws and regulations globally
Knowledge of COBIT and ITIL

Regional Head of IT Risk, Asia Pacific Resume Examples & Samples

Collaborate with Information Risk & Compliance Managers across lines of business to aggregate technical risks and findings in assets and systems to provide a holistic view of technology risk across a country location
Assess the various information technology risks that the business faces in its operations and implement action plans, policy and procedural changes for risk avoidance and mitigation
Monitoring and analysis of regional technology key risk indicators
Proactively identify potential risks based on changes to business models, technology models, and external trends
Develop executive level reporting and communications to support risk-informed business decisions
Understand and can consult on information security standards and industry best practices
Identify and maintain variances in policies and standards for addressing country specific regulatory requirements. Review proposed IT Risk Policies and Standards for conformance and input of country requirements
Reinforce Information Risk Policies and Standards, and provide risk management support to businesses running in country
Act as a coordination point for responses to any RFIs, audits or inspections
Monitor and report implementation of key initiatives to local country management and regional teams
Facilitate and assist with firm-wide technology control assurance in country locations
Interact with other relevant firm-wide control bodies (IT Governance, Audit, Operational Risk, Legal/Compliance, Resiliency Risk Management)
Promote and improve awareness of security threats, laws and regulations, policies and standards
15+ years of IT experience, the majority of which should be in an IT Risk or Security role, preferably in the financial services sector
Broad based knowledge of IT Risk, IT Compliance, Security and disaster recovery/business continuity, with appropriate qualifications or certifications (CISM, CISA, CISSP or equivalent)
Broad knowledge or experience of working with regional regulators, Hong Kong, Australia, Japan etc
Significant analytical and critical thinking skills
Demonstrated technical abilities in multiple areas (e.g., technology infrastructure platforms or networks, application development, data protection, etc.)
Ability to manage multiple projects concurrently, work under pressure, and meet tight time commitments
Strong process orientation and understanding of operations and technology enabling candidate to provide support in the analysis, development and monitoring of controls
Ability to build and maintain collaborative working relationships with Information Technology and Business to design and assist in the execution of appropriate controls design and monitoring
Strong Program/Project Management and influencing skills

Director IT Risk, &TS, Europe & Asia Resume Examples & Samples

Oversee IT risk management practices covering the five domains of IT Risk, provide interpretation and counsel on policies, and challenge existing practices for Enterprise IT Risk within Investor & Treasury Services and Europe and Asia regions
Provide subject matter expertise to determine appropriate controls and to advise the business on the implementation of controls taking into consideration a broad range of highly complex and often ambiguous regional and cultural specific issues
Act as the Centre of Expertise for IT Risk best practices managing key business platform executive relationships in the assigned region
Utilize in-depth understanding of the business platform and region specific factors and requirements and the associated impact on IT Risk governance in order to provide input into strategic development from a regional perspective
Ensure enterprise-wide policies meet the diverse requirements of the region in order to provide assurances of compliance while minimizing adverse impact to business operations
Contribute to and support the execution of IT Risk management programs
Challenge the first line of defense within each business platform to ensure the IT Risk profile is a balanced, comprehensive and transparent reflection compared to risk appetite
Contribute to the review of IT Risk assessments executed by the business including deep dive assessments, scenario analysis and new product or change initiative assessments
Produce quarterly reports to business senior management and IT VP/SVP on the assigned region’s IT Risk profile including application, infrastructure and third party
Participate in the steering committee or associated governance/review activities on key business initiatives ensuring that existing and emerging IT Risks for new products, processes and transformational initiatives are identified
Track and consult on IT Risk remediation action items
Liaise with multiple regulators in multiple diverse countries within the region to ensure up to date knowledge of various regulatory requirements and assist in the response to requests
Facilitate client due diligence reviews of RBC controls and provide assurance to clients that risk is managed effectively
Work directly with the leadership team of the first line of defense to embed an understanding of the business line IT Risk profile and risk appetite into strategic decision making; challenge executive decision making that contradicts profile and risk appetite
Ensure dissemination of information on RBC’s IT Risk management practices and programs to foster sound IT Risk management within the region
Liaise with industry peers to develop insights into leading IT Risk management practices
Policy and Risk Appetite Management
Provide IT Risk policy interpretation to first line of defense and advise them on the development of standards and procedures that align with policy in order to ensure Key Risk Indicators (KRI’s) and Key Performance Indicators (KPI’s) are met
Establish effective monitoring practices to ensure adherence to the IT risk management framework and policy and assist business in the identification of issues
Advise and collaborate with IT and the business on appropriate ways to strengthen controls in non-compliant areas
Advise and assist first line of defense in IT Risk mitigation planning activities
Provide expertise and assistance to the region in the development, implementation and monitoring of the Enterprise Risk appetite by overseeing the businesses as they write and annually refresh their risk appetite statements
Ensure that the IT Risk Profile is fairly presented through ongoing reporting, and escalate to executive management when the IT Risk Profile is at or near the defined Enterprise Risk Appetite
Awareness Leadership
Promote IT risk management as an embedded discipline within the region supported
Promote and nurture a risk aware culture
Provide guidance to Communication/Training and Awareness teams on regional specific requirements
Cyber Security
Ensure enterprise driven information security programs are delivered in region including data protection, cyber threat management and identity and access management
Provide regional requirements to enterprise teams to ensure security programs meet the needs of Europe and Asia
Oversee and guide risk assessment activities in the region according to regional priorities
Proven experience in progressively responsible IT risk management roles in a global financial services organization
Build from scratch capabilities
Highly developed ability for conceptual thinking

IT Risk Remediation Portfolio Manager Resume Examples & Samples

Definition of the future state vision, strategy and roadmap for Infrastructure Services (IS)
Liaising with senior stakeholders and management functions to lead the definition and creation of the Infrastructure Services transformation programme scope and timeline
Creation of the business cases, master plan and cross workstream dependency view of the programme
Setup of the programme office, governance structure and supporting programme reporting function
Mobilisation of the programme and leadership of its execution from start to finish
Ability to manage a large scale, multi vendor, multi location team consisting of both internal and external resources
Ability to report, liaise and understand dependencies on other Group Technology and regulatory required change the bank (CTB) programmes
Management of the programme financials, ensuring all projects are funded and tracked conforming to the banks standard methodologies and project management frameworks
Ensure the programme adopts and conforms to the new target state Services based Operating Model for Infrastructure Services
Ensure that the programme aims to achieve synergies and take advantage of other strategic levers such as offshoring and the hubbing strategy

IT Risk Policies & Standards Lead Resume Examples & Samples

Deliver robust oversight and governance for the ongoing development and maintenance for Policies and Standards ensuring compliance with revision requirements
Develop (re-design) and maintain an end to end Polices and Standards framework based on key technology controls which drive
Minimum of 10 years experience in Information Technology, IT Risk or IT Controls, including 3+ years experience in the implementation of associated Policies and Standards frameworks
Previous experience in diverse range of technology, risk and control roles
Strategic mindset that can quickly identify how the components of a holistic risk/control program should fit together
Highly motivated team player with excellent analytical, written and verbal communications skills. Ability to translate vision and strategy into clear actionable goals, establish priorities and achieve measurable results
Track record of establishing and maintaining collaborative cross-organizational partnerships to achieve results
Ability to persuade and influence is key. Must have ability to be tactful yet assertive
Strong collaboration and negotiation skills
Adaptability to changing business conditions

IT Risk Section Manager Resume Examples & Samples

*CAN BE LOCATED IN RALEIGH, WILSON LOCATIONS AS WELL AS CHARLOTTE***
Coordinates and oversees the implementation, monitoring and/or management reporting of functions within the IT Risk Management Program
Provides IT audit/regulatory/legal portfolio management oversight services to include coordination, scheduling, consulting, monitoring and reporting. **
Develop and compile periodic reporting and metrics to assist IT Management with portfolio level risk insight. 8. Contribute to the development and management of several centralized risk management and reporting initiatives
Strong project/change/initiative management skills and experience, to include use of project management software (MS Project)
Experience with process development, design and implementation
Ability to develop metrics and other measures (KPIs, Dashboards, etc.) for operational monitoring as well as senior management consumption
Project Management Professional (PMP) Certification strongly preferred

IT Risk Services Resume Examples & Samples

University degree in Computer, Electric/Electronic, Industrial Engineering, or related fields,
Minimum 2 years experience in a related field, preferably in professional services and/or industry,
Professional Certification such as CISA strongly preferred,
Willingness to pursue a professional designation,
A diverse skill base in IT audit, IT risk advisory, business continuity management, and information systems security,
Familiarity with national and international legislation and compliance requirements such as SOX, BTK&BDDK Requirements etc
Knowledge of relevant international standards and frameworks such as ISO 27001, ISO 22301, COBIT
Experience in reviewing, documenting, evaluating and testing controls in a wide range of environments,
Ability to develop and maintain effective client relationships and understand the clients business and project requirements,
Understanding of business processes and technical skills to successfully develop effective solutions and complete project assignments,
Understanding of the importance of business ethics,
Sound project management and job administration skills,
Strong Interpersonal skills and ability to interact in a team environment,
Excellent written communication skills & strong analytical skills,
Must be able to handle highly confidential information in a strictly professional manner,
Must be able to maintain professional demeanor in times of high stress,
Flexibility to travel

VP Mgr-it Risk Assessment & Arch Resume Examples & Samples

Conduct security assessments and manage remediation activities for in-house developed applications – must have a strong understanding of secure-coding standards and practices. Be able to develop evaluations of vendor developed code and determining if there are known vulnerabilities
Represent IT Risk on organizational project teams and ensure adherence to existing security policies ,standards, and identified reference architectures
Lead and Drive the creation of and adherence to Cyber-Security and Information Security Reference Architectures
Run secure integration efforts when Moody’s on-boards corporate acquisitions performing the necessary due diligence
Act as a security consultant in the delivery of Information Security projects and services for our customers by working directly with key business stakeholders, Moody’s IT (MIT) executives and project teams
IT / Cyber Security Architecture
Subject Matter Expertise in IT Risk and Cyber Security
Shares Services Application: HR, Finance, etc
Maintains knowledge base on high profile, public cyber security breaches and able to quickly understand and articulate their associated actors, exploits and opportunities to improve Moody’s specific defense capabilities
Strong knowledge of application architecture, development and secure coding practices
Proven ability to work within a large enterprise that spans multiple continents, is governed by change management and has a tiered support model

Avp-it Risk & Architecture Resume Examples & Samples

Provide security consulting services for enterprise projects that cross multiple technologies and platforms to ensure alignment with Moody’s Information Security architecture standards
Represent Information Security on organizational project teams and ensure adherence to existing security policies ,standards, and identified reference architectures
Represent Security Architecture at both Software Development Life Cycle and Product Development Life Cycle reviews
Assist to evaluate security concerns with new and emerging technologies with particular focus on Cloud, SaaS, and IaaS
Support the successful delivery of Information Security projects and services for our customers by working directly with key business stakeholders, Moody’s IT (MIT) executives and project teams
Minimum 7-10 years of experience in IT industry, preferably in a financial services or consulting organization
BS or BA degree, preferably in technology/business or equivalent
Relevant certifications such as CISSP, CISM are a plus

Avp-it Risk Resume Examples & Samples

Gain an expert understanding of Moody’s PDLC
Partner with the PPQA, Project Delivery, and IT Risk Control teams, to provide the management, organization and written material for Internal or External Audit MIT Responses
Assume project management ownership for the implementation of all PDLC enhancements derived from audit findings
Working with PPQA, Corporate Planning, Accounting and Internal Audit, Manage the plans and narratives of SOX processes to enable MIT SOX compliance
Provide PDLC guidance and support, while also being a solid control point for PDLC process adherence to Project Delivery Teams; escalate appropriately when issues arise
Conduct PDLC project phase gates for a select portfolio of large multi-million dollar projects plus oversight on the smaller Maintenance and Enhancement portfolio
Key PPQA partner to the IT RISK PMO, enabling process adherence to the PDLC and mitigating audit findings from occurring. Ensure the incorporation of any audit finding remediations are instantiated into the IT RISK project portfolio
Create appropriate level metric/reports. Provide support for PPQA status reporting
Bring hands on technical acumen and skill sets to the role, driving analysis, development, improvements and efficiencies within the PPQA and IT Risk space
Ability to take abstract concepts and themes and formulate concrete proposals ultimately driving selected opportunities through to implementation
Extensive experience in partnering closely with an Audit function; proven experience in identifying potential audit findings within a technology delivery organization
Hands on and proven experience in implementing projects utilizing various implementation frameworks such as agile/scrum, waterfall, iterative, OPENUP, TOGAF
Must have experience driving quality/process management activities in a large environment with a proven track record of delivering methods, disciplines and quality improvements
Must have strong, enterprise wide business acumen to operate within this control point function, while being flexible to changing business needs, with a deep understanding of how technology enables a business
Experience working with teams that have implemented/worked with the SANS and NIST frameworks and the impact to an organization
Solid experience in partnering and supporting an IT Risk Controls function, understanding the relationship of a project portfolio and the implementation or maturation the controls it addresses
EXCELLENT written and oral communications with the ability to calibrate the message to various levels of management and job functions
Excellent MS Office skill set; SQL and Tableau
Excellent consulting skills, in influencing and partnering with end users, providing adherence commentary in a facilitated manner, while still operating as a control point for the organization
At least 7 years of experience in an IT Risk function in the a regulated financial services industry
At least 7 years of excellent project management experience on large, cross functional, multi-million dollar projects/programs
University degree (Bachelor or Master level) in technology or information security related studies
PMP and/or Certified Internal Auditor
Proficiency in process Industry Standards and Best Practices such as Six Sigma, PMP, CMM, ITIL, TQM
Good influencing skills within the team, department, across departments and various levels of management
Ability to work well under pressure, respond to tight deadlines and exercise excellent judgment in setting priorities
A self-starter, solution orientated and team player

Manager, IT Risk Management Resume Examples & Samples

Plan and execute client engagements focusing on business processes and risk management in areas such as IT strategy, IT program management, cyber security, service delivery and operations, third party management, data management, application management/SDLC and service continuity management amongst others
Conduct IT risk assessments to identify risk and controls gaps and provide sustainable solutions for executing risk mitigation project
Stay current with industry standards and regulatory requirements around IT such as COBIT, ITIL, etc
Apply understanding of Governance Risk and Compliance (GRC) tools and technologies
Five years of experience in any of the following areas: IT Risk Management, 2nd line of Defense, Risk & Compliance, CISO or IT Strategy
Bachelor’s degree in an appropriate field from an accredited college/university
Hands-on experience performing IT risk assessments to identify risk and controls gaps as well as providing sustainable solutions for executing risk mitigation
Strong understanding of IT Frameworks (i.e. COBIT, ITIL, ISO and COSO)
Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future

CCB IT Risk Secops Lead Resume Examples & Samples

Assist in documenting and implementation of processes related to on-boarding requirements for applications/platforms feeding into the firm’s certification tools
Perform oversight process execution, to include reactionary steps when KPIs are not in a "green" status and escalation paths to leverage if required
Assist with definition and rationalization of change management rigor for IAM changes
Lead hands-on management and execution of the certification cycles pre-cycle, post-cycle, and during the cycle
Serve as the back-up to the IAM lead as it relates to project engagement, IAM tool governance, analysis & implementation of automation opportunities, and security architecture/engineering consultation
Collaborate with CCB Cyber Security, Global Technology Infrastructure, Corporate Cyber teams, and Line of Business Information Risk Management teams for issue resolution and mitigation
Support innovation and enhancement efforts within the CCB Cyber Security function
Communicate and escalate issues and incidents as required by process or management
Consistently identify, assess, and manage technology risks across all environments. Where controls are not adequate, escalate those concerns and assist with driving improvements to the overall control environment
To accomplish this goal, the team partners with Corporate groups including the Global Privacy Office, Corporate ITRM, and Audit, and also with CCB groups including Operational Risk and the CCB Technology teams
Also serve the business in a consultative manner, providing guidance to the business on addressing identified risks
Support day to day technology control reviews, IT risk management oversight, and facilitate remediation efforts as needed
Perform validation of IT risk issues prior to closure of assessment identified gap. Identify opportunities for process improvements to deliver increasing efficiency
Strong understanding of Information Security concepts
Intermediate to strong experience on vb scripting/ powershell / sql
Independent thinking, willingness to "step outside the box" and take reasonable, calculated risks
Experience in a fast paced, high stress environment
Ability to think strategically, work with a sense of urgency and attention to detail
Demonstrated ability to be reliable and flexible
Demonstrated analytical, problem solving, and prioritization skills

IT Risk Management, AVP Resume Examples & Samples

Minimum 3-5 years experience in system development projects/maintenance for financial institutions
Ability to work with both User Department and AITD staffs
Needs to be able to work under pressure and to meet deadlines
Background in banking or financial industry
Knowledge of bank regulatory requirements and financial industry standards
Knowledge of global standards/frameworks for IT governance, such as COBIT, PMBOK, etc
General understanding about component/architecture of systems and the security requirements
Skill to materialize and run PDCA-cycles
Skill to develop and maintain procedures and guidelines
Skill to communicate technical processes with business users in non-technical terminology
Skill to use project management tools such as MS Office, MS Project and Visio

IT Risk Avp Resume Examples & Samples

Support the 'Risk Excellence' culture within the business
Lead or support EMEA IT regulatory assessments and advisory projects including recurring activities such as CHAPS controls attestation
Develop and maintain a tracker of all EMEA IT regulatory activity and coordinate driven responses to regional regulators
Support IT Governance and IT Risk Management activities and attend relevant forums. This includes producing EMEA ITGRC reporting (e.g. IT audit issue remediation, IT regulatory assessments status, IT risk radar etc.)
As appropriate, support 3LoD reviews by coordinating responses and the process for reporting self-identified issues
As appropriate, identify and notify the US based team about new IT regulations and coordinate impact analysis for those regulations where necessary
FS experience / Big 4
Experience in IT regulatory compliance and response management
Experience in IT control attestations including Cyber and Business Continuity management
Understanding of IT regulations in the UK, Germany, Luxembourg. Other European jurisdictions would be a plus
CISA/CRISC
BSc in Business Information Technology

IT Risk Resume Examples & Samples

Risk Assessment and Internal Controls: Assess process risk during project implementations and process redesign. Effectively communicate process and system risks to all stakeholders to allow management to make more informed decisions and obtain appropriate buy-in for key project decisions. Document and test key process controls during the implementation phases to ensure key risks are adequately mitigated prior to go-live. Evaluate access and segregation of duties based on least privilege access. Serve as a liaison between functional teams, technical teams, internal audit, controller’s office, business process owners, and external audit. Provide controls training
Project Management: Develops and executes multiple concurrent project plans in alignment with the global product vision and strategic road map. Manage to project timelines and cost
Compliance Support: Participate in controls and compliance initiatives in adherence to Sarbanes-Oxley (SOX) compliance and departmental risk assessments
Develops and executes projects plans and business requirements that align with the teams' strategic road map
Drives the execution of multiple business plans and projects
Ensures business needs are being met
Manages multiple concurrent projects and functional support activities globally
Provides leadership and addresses competencies and skill gaps
Provides supervision and development opportunities for associates
Strong interpersonal and presentation skills, including influencing skills, managerial courage, developing others, for communicating at all levels and across all functions
Knowledge of sound business and control practices
A high energy level and strong work ethic with a commitment to continuous improvement in a dynamic and changing environment that strives to exceed expectations
Demonstrated ability to build strong relationships at all levels and able to work in a multi-cultural environment
Knowledge of Sarbanes-Oxley requirements
Master's Degree, Accounting, Information Technology, or related field

IT Risk Remediation Resume Examples & Samples

Identify , define and drive tactical and strategic programs of work to improve GPS Risk and Control environment
Track progress, escalate overdue actions and provide advice on all GPS Risk activities risk projects, to ensure sustainable and timely risk remediation and appropriate stakeholder sign off, by agreed due dates
Conduct quality checks of raised Operational Risk Issues (ORIs) and work with internal and external entities ( IMT/EY etc. ) to define/agree appropriate remediation actions to remediate and remove deficiencies

Director, IT Risk Management Resume Examples & Samples

15+ years of comprehensive experience in financial management, including substantial experience in compliance/risk assessment activities, operating controls, process improvement, internals control and management of internal and external audit issues
Bachelor's degree in accounting or finance required. Master's degree in business, finance, accounting or related field preferred. CPA preferred
Experience in executive level communications
Experience supervising professional staff with a proven ability to develop, motivate & acquire a Finance team globally
Experience in managing enterprise-wide activities in complex, matrixed organizations
Experience with the project management processes, tools, techniques and methodologies
Expertise in risk management strategy and techniques as well as internal control design and assessment. Clear understanding of the COSO framework, ERM and other risk and controls concepts and frameworks critical for the organization’s success
A high level of risk and internal control acumen and senior executive presence
Experience in implementing, enhancing and successfully managing an Internal Audit or SOx function with a global multinational company with a highly complex matrixed environment
A strategic mind set and broad thinking to lead the program as the company scales
Strong influencing skills coupled with technical risk management expertise. This also includes a mature business approach to problem solving, conflict resolution and influence
Ability to build strong and productive working relationships with staff at all levels across the company
Possesses strong analytical skills and has a thirst for knowledge (i.e., highly inquisitive)
Experience managing executives and cross-functional teams, including people development skills and leadership qualities. International experience and ability to work across cultures
Excellent listening and communication skills in order to effectively interface with all levels of leadership

IT Risk Resume Examples & Samples

Significant experience within 1LoD/2LoD/3LoD
CISA/CISSP/CISM
Financial services experience would be an advantage

IT Risk Management Resume Examples & Samples

Experience in Change Management- ITIL Certified
2+ Years of experience
Manage and drive third parties to the quick resolution of change
Good exposure of infrastructure technologies

Senior.group Mgr, IT Risk Mgmnt Resume Examples & Samples

Risk Identification, Assessment and Evaluation
Develop an IT risk reduction and awareness program
Assemble and lead an experienced taskforce to partner with business teams on correlating identified technology risk scenarios to relevant business processes
Collaborate with senior business risk managers and key stakeholders to validate technology’s portion of their risk appetite
Utilize the IT Risk Model portion of the Service Maturity Model (SMM) framework to identify, assess and evaluate risk for all IT Services. Integrate SMM with a critical business component
Conduct training/workshops to ensure that stakeholders understand and contribute to the risk management process
Risk Treatment
Develop technology risk response action plans used to mitigate risk factors identified during risk assessments
Create and oversee a team of technology control specialists that will drive the mitigation of risks in the technology environments
Provide CIO and IT service leaders with actionable recommendations for improvement
Conduct and lead a technology root cause analysis program and drive improvement resulting from the findings
Establish risk control processes and procedures
Risk Analytics and Monitoring
Automate the collection, validation and analysis of data used to create technology key risk indicators (KRIs), and monitor and communicate their status to relevant stakeholders
Create programs to mitigate technology issues identified by KRIs
Drive remediation of issues highlighted by KRIs
Control Testing
Create a financial services industry-leading automated control testing solution
Supervise control testing activities to ensure they are delivered effectively
Lead efforts to test information systems controls used to verify effectiveness and efficiency of technology solutions
Ensure all technology controls are assigned control owners to establish accountability

VP-it Risk Assessment & Arch Resume Examples & Samples

Manage and enhance the IT Controls program including risk and controls library, processes, and reporting
Manage and enhance technology-enabled workflow(s) and automated IT-GRC processes for Controls program
Manage IT risk management processes to identify, analyze, mitigate and monitor IT cybersecurity risks
Centralizing IT relationships and coordinating interactions with internal and external auditors, regulatory authorities and customers' vendor risk assessment programs
Partner with Risk Management teams to ensure alignment with firm-wide operational risk management framework, policies, processes, risk appetite and tolerance
Minimum 8-12 years of experience in IT industry, preferably in a financial services or consulting organization
Strong familiarity with IT Risk Controls methodologies and established criteria
Experience managing Audit/Regulatory Issues to Closure

SVP Mgr-it Risk Management Resume Examples & Samples

Provide security architecture designs, design approvals, and consulting services for enterprise IT projects that cross multiple platforms and ensure alignment with Moody’s desired security architecture and library of best practices
Be an authority on secure implementation of Moody’s Integrated Bus – with specific attention to encryption capabilities on MQ/IIB
Act as a liaison to Moody’s Enterprise Architecture Group, ensuring Moody’s is adhering to architecture best practices such as TOGAF and SABSA frameworks for Architecture Initiatives
Mature and help implement Moody’s Threat Modeling capability with SDLC and Application development efforts
Support the creation of Moody’s Information Security policies and standards aligned with industry best practices and business needs
Run secure integration efforts when Moody’s on-boards corporate acquisitions
Evaluate security concerns with new and emerging technologies with particular focus on Cloud, SaaS, and PaaS; knowledge of MS Azure and a recommended security feature-set is ideal
Own the successful delivery of Information Security projects and services for our customers by working directly with key business stakeholders, Moody’s IT (MIT) executives and project teams
Minimum 10 or more years of experience in the IT industry, with specific focus performing at least two of the following roles
Financial Services IT Operations
Consulting within the IT Industry with particular focus on Enterprise Architecture (familiarity with both TOGAF and SABSA are plusses)
Adaptability and flexibility to work on a variety of assignments as defined by constantly evolving priorities

IT Risk Assessment Team Lead Resume Examples & Samples

Lead a team of risk assessment analysts and provide trainings where needed
Develop a deeper understanding of business processes, functions and internal control designs
Conduct risk assessments of high profile technology projects and RCSA process in an established/required timeline
Create and communicate risk assessment reports to relevant teams
Work closely with the other functions within the IT Risk Office team
Determine compliance with policies and procedures
Support audit reviews as needed
Initiate process improvement activities
Manage expectations effectively and escalate where appropriate
6-7 years risk and audit experience in financial services, through public accounting/auditing and/or industry experience
Sarbanes- Oxley (SOX) experience
Demonstrate leadership skills

IT Risk Leader, PMP Resume Examples & Samples

Support the development and maintenance of the CEDCaP Risk Management Plan and program level risk register
Support the CEDCaP RRB meeting where the following is presented: proposed risks, risk origins and context, translating the risks to appropriate context; and assignment of the risks
Bachelor's degree in a related field and seven (7) years of IT experience to include a demonstrated and proven knowledge of IT risk management
PMP certification through PMI is required
Track, measure, report, and communicate project risks
Interact with Government project managers to ensure timely and accurate performance status input
Facilitate meetings with Government staff
Edit, quality check, and produce polished deliverables, free of errors
Support data calls, perform related analysis, and develop reports
Have strong communication skills, both written and spoken
Maintain a customer-service focus
Experience supporting Government clients
US Citizenship required for this program and ability to obtain a Public Trust clearance

Senior Director IT Risk Management Resume Examples & Samples

Provide oversight, independent challenge and reporting to ensure the current and planned technology environment is operating as intended for S&P Global Ratings
Participate in the S&P Global risk governance committees for technology risk, cyber security and business continuity
Work with Senior managers across S&P Global Ratings to set S&P Global Ratings risk appetite and risk tolerance for technology risk, cyber security and business continuity
Design, develop and implement a process for S&P Global Ratings businesses to facilitate identification, assessment and prioritization of business risks and threats related to technology risk, cyber security and business continuity across the enterprise
Design, develop and implement a process for the S&P Global Ratings businesses to measure risk exposure for technology risk, cyber security and business continuity and formulate risk mitigation strategies for technology risk, and recommend strategies to S&P Global for mitigation cyber security and business continuity across the enterprise
Provide independent assessment on existing and identify new or emerging risks. Maintain an active list of external and self-identified issues with action plans for issue closure. Stay abreast of industry related events and enhancements to mitigate potential risks
Present findings and observations to S&P Global Ratings’ Chief Operating Officer and Chief Technology Officer to determine accountability and appropriate action plans
Provide oversight of S&P Global Ratings businesses to ensure that appropriate risk controls are designed and implemented for technology risk, and business continuity in line with enterprise-wide risk appetite
Contribute to the design, documentation and maintenance of the necessary policies, standards and controls for technology risk, cyber security and business continuity across the enterprise
Oversee the implementation of S&P Global and S&P Global Ratings policies and standards for technology risk, cyber security and business continuity for S&P Global Ratings
Coordinate with the Legal and Compliance functions during regulatory examinations associated with technology risk, cyber security and business continuity
Bachelor’s and advanced degree (Master’s or MBA) required; relevant professional certifications strongly preferred
12+ years of industry experience in Financial Services
Strong IT Risk Management experience and knowledge including, but not limited to: cyber security, business continuity, IT risk framework, data security, access management, policies, validation and testing
Broad understanding and knowledge of industry best practices and regulatory processes and expectations, but an innovative thinker to stay abreast of evolving threats and risks to the financial services industry to ensure a proactive response and to mitigate risk
Prior experience developing strategy, plans, education and cultural transformation to address the highly dynamic IT and cyber security risk environment. Ability to present to and engage with Senior Management, Board of Directors, regulators, government officials, and industry leaders are paramount to succeed in this role
Track record of collaborating with global financial institutions to address risk related issues across lines of business, functions and geographies
Significant experience at leading and managing change programs
Problem Solving: Leads and uses conceptual and innovative thinking (i.e., identifying new/different solutions) to solve issues. Looks beyond immediate problems for wider implications and determines best path forward
Interpersonal Skills: Requires a highly developed communications skills and ability to negotiate internally and often at higher levels. External communications may be a need but not a primary focus
Nature of Impact: Leads and directly impacts the professional and/or technical direction and strategy for a discipline or a core product including shaping and designing new policies, procedures and standards

Lead Manager, IT Risk Management Resume Examples & Samples

Strong working knowledge of technology controls testing and validation function
Ability to follow and recommend improvements to documented planning, testing, and reporting procedures and testing methodology
Operate within a highly collaborative remote team environment to deliver consistent value added opinions on the design and effectiveness of technology controls applicable to CTS services and associated business partners
Demonstrate ability to understand, design execute, and validate internal controls and testing for complex processes and requirements
Automation of Control testing (utilize NEXEN platform and developing required API’s)
Offer and ground suggestions to ensure adherence with all corporate policies and standards, regulatory requirements and industry best practices
Understand risk exposure for applicable controls as well as evaluate mitigating controls for the risk exposure
Perform testing tasks of complex difficulty, demonstrating a degree of “professional skepticism” to challenge the relevance and effectiveness of controls based on results
Interact with audit, line 2 and other stakeholders and risk representatives from multiple lines of business
Serve as liaison and consultant and evaluate impact of new technologies, processes or tools within the technology control area
Establish and maintain good client relations during testing engagements. Assist in communicating the results of some audit projects to management via written reports and oral presentations
Ability to work with strategic direction to plan and implement tactical tasks required to deliver on the strategy
Effectively manage a team of remote technology control testers
Demonstrate working knowledge of technology focused controls and/or audit testing methodologies
Effectively leverage knowledge of Industry standards related to technology controls
Use ability to communicate effectively to stakeholders
Demonstrate understanding of IT risks and risk mitigation
At least 3 Years’ experience in Controls Testing or IT Audit
At least 3 Years’ experience in Information Technology
At least 2 Years’ experience leading teams of at least 5 associates

Director IT Risk Management Resume Examples & Samples

Internal Control/Operational Risk Management
Compliance or related experience in the financial services/banking industry Information Security
Five years’ experience in leading and managing multiple programs with high functioning team members
Five years of Information Security or Technology operational team experience (ie. Vulnerability Management, Change Management, Incident and Problem Management)
Thorough understanding of compliance, risk management and internal control frameworks
Requires an ability to design, implement and operate risk processes and methodologies in a manner that effectively supports business objectives and manages operational risk requirements
Executive presence and ability to tailor communication style based on audience, from employee to peers to executive leadership
Strategic thought leader, with experience in developing strategies, and processes to deliver against the designed objectives
Proven ability to influence and drive transformation by leading complex, large-scale, cross-functional initiatives
Ability to understand, analyze data and produce meaningful conclusions
Strong interpersonal skills and ability to collaborate effectively

VP IT Risk Management Resume Examples & Samples

Establish a partnership with the first line business leaders and teams in Technology to identify, assess and actively manage risk across Technology Infrastructure, Technology Development and the Information Security Organization (led by the CISO) according to E*TRADE’s Enterprise Risk Management program provide effective challenge
Build/augment the IT Risk organization to actively manage risk according to oversight and regulatory requirements including governance, metrics, RCSA ongoing oversight, coaching and Quality Reviews, application risk assessments and infrastructure technology assessments
Monitor and measure changes to the SDLC process and lifecycle
Perform or manage resources that will perform specific Quality Assurance over the SDLC process and lifecycle including: SDLC Policy adherence, providing an assessment of risk participation in the overall process and during all project analysis and review and post mortem. Provide differentiation between first and second line QA and escalation for meaningful impact and present quarterly reporting and tracking of metrics and improvements. Articulate areas to improve risk management and recommend corrective actions and new policies, when necessary
Become the point of contact and second line owner during regulatory exams of IT risk and other exams, when necessary
Chair or participate in Technology Governance as required
Assess the risk within Key Enterprise Programs and functionality against FFIEC and other regulatory requirements. Review and recommend enhancements, as appropriate. Take ownership of some Plan items and evidence
Develop an ongoing partnership with other second line risk leaders of Data Governance, Enterprise Data Management, Third Party Oversight, Enterprise Risk Management and Operational Risk of Operations and Brokerage businesses
Refine process documentation to align with Regulatory requirements and best practices as noted through organizations such as NIST, BITS, ISO, and COBIT
Knowledge of ISO 27000 frameworks, BITS SIG, or COBIT/SOX IT control testing

Spclst IT Risk Mgmt Resume Examples & Samples

Collaborates with IT Security management in the development of enterprise Security assessment tools and policy and procedures
Performs vulnerability assessments as assigned utilizing I.T. Security tools and methodologies. Summarizes risk posture across the Health System or within specific business units
Identifies opportunities to reduce risk within the Health System, detects and remediates vulnerabilities and ensures compliance and audit readiness
Makes recommendations for corrective action and documents management decisions regarding acceptance or mitigation of risk scenarios
Facilitates and monitors performance and compliance of risk remediation tasks. Reports on findings
Liaises with Health System's partners and vendors regarding the security maintenance of their systems and applications
Participates in the development of 'security awareness' education and training, as necessary
Experience with threat intelligence highly preferred
Shell scripting experience highly preferred
Vulnerability scanning experience highly preferred
High School Diploma or equivalent, required and minimum of eight (8) years progressively responsible information technology risk management experience, required

Spclst IT Risk Mgmt Resume Examples & Samples

Experience with governance policies and procedures highly preferred
Risk or Audit compliance highly preferred
Strong writing and presentation skills highly preferred

Avp-it Risk Assessment & Arch Resume Examples & Samples

Own the security roadmap by working with security product owners and delivery leaders to develop multi-year plans that align capabilities with risks and threats
Develop executive presentations on information security
Coordinate key security touch points comprised of senior executives, track action items, and maintain presentation material
Bring groups together to share information and resources and create better decisions, policies and practices
5 – 8 years or more of enterprise level information security program management role Requires good interpersonal skills, ability to function in a fast paced, short-deadline environment, and the ability to come up with innovative cost-effective decisions
Ability to communicate effectively with all levels of the organization’s workforce, while maintaining appropriate confidentiality
Possess excellent writing and communication skills to effectively develop policies, and procedures, reports and documentation
Ability to work individually, as part of a team and matrix-manage other staff depending on the initiative
Strong presentation skills; ability to adjust message and filter details based on audience (e.g. technical, business, management)

VP-it Risk Assessment & Arch Resume Examples & Samples

The senior analyst must analyze information security systems/applications; make recommendations and develop security measures to protect information against unauthorized modification or loss
The senior analyst will work with the various development teams to implement application security practices that meet Moody’s defined policies and standards for information security
The senior analyst will serve as subject matter expert for best practices and security controls for application security and will work with the various development teams to implement controls that are appropriate for Moody’s information security
Efforts will include
Performing functional requirement reviews and technical design reviews
Identifying application security requirements for projects
Managing the application vulnerability assessment process and tools (SAST and DAST) focused on client-server, web, and mobile applications
Identifying, communicating, and driving the resolution of vulnerabilities
Providing reports to development management and business management on the status of vulnerability remediation for their applications
Serving as a subject matter expert for security in application projects
Developing and updating security patterns aligned with security requirements
Coordinating and collaborating with server infrastructure engineering, network infrastructure engineering, business application development, and database administration functions to ensure confidentiality, integrity, and availability of corporate infrastructure meets business demands
Performing other security-related projects that may be assigned according to skills
Bachelor’s degree in a technical or business discipline
4-6 years or more of experience, primarily in information security, application development, architecture or a related field, preferably in the financial sector and/or supporting IT Risk or Information Security initiatives
Experience with Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST) tools, and enterprise architecture tools
Deep understanding of OWASP Top 10 and SANS Top 25 vulnerabilities
Strong experience with data visualization concepts and tools
Ability to analyze data using Excel including use of complex Excel macros / scripts for reporting purposes; some development experience is preferable
Experience with Veracode (or other SAST/DAST tools), Jira, ServiceNow, and Splunk is preferable
CISSP, GIAC, CISA, CISM, TOGAF certifications preferable
Ability to work individually and as part of a team

IT Risk Services Manager Resume Examples & Samples

Provide high-quality client service
Exhibit good communication skills, verbal and written
Ability to document your work in a detailed fashion through use of electronic work papers and manage others
Enjoy working at a fast pace and meeting deadlines
Ability to identify risks and controls
Provide clients with practical solutions to their issues
Exhibit discipline and organizational skills to accomplish assigned responsibilities within specified timeframes and within identified budget constraints
Manage engagement performance
Develop client relationships
Proficient at MS word and excel
Ability and willingness to travel to serve clients should be expected
Bachelor’s degree required; Preferred: MIS, Accounting or related field
Minimum of 5+ years of SOC or IT Audit Experience required
Required: CPA, CISA or CISSP certifcations
Experience in public accounting firm testing IT Controls over Financial Reporting, SSAE 16/SOC 1 and SOC 2, SOX or internal audit in a public company and/or regulated industry highly preferred
Experience managing people and multiple engagements highly preferred

Manager, IT Risk Resume Examples & Samples

3+ years experience in information systems, preferably within a governance, risk, compliance role
BA or BS Management Information Systems, Computer Science, or Engineering
Obtained or demonstrates an active pursuit of one or more of the following certifications: Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or other related certification. Project Management Professional (PMP) is a plus

Mgr, IT, Risk Assessments Resume Examples & Samples

IT Technical Risk Assurance: Assessing the enterprise against IT threats and risks through governance, compliance, identification, and validation. This includes
Performing IT Technical Risk Assessments
Performing detailed assessments around
Technical Privacy
Disaster Recovery
Infrastructure
Emerging technologies
Secure systems development
Technical Vendor Management
Compliance with Industry and IT Regulations
Providing technical audit resources to support IT Governance Assessments
Security Assurance: Assurance over the general activities and concerns of Charter security function including: governance, policy, control design, general operational effectiveness and internal controls. This includes
As part of an integrated model with Advisory the providing of Internal Audit, Third Party Assurance, External Audit support around an organizations IT Security
Security Governance and Compliance with various frameworks
Security Risk Assessment
Infrastructure Assessments
Attack and Penetration
Architecture and Technology Security Assessments
Emerging Technologies
IT Technical Audits
Internal/External Audits
Audit Technology Risk Assessments
Technical resources to support IT Internal Audit outsourcing , co-sourcing, staff augmentation
Provide technical assurance skills around IT and Security as listed on the left
Third Party Assurance
Technical audit of vendor SAS 70, AT101, SysTrust, WebTrust,
Demonstrates proven success in a role that emphasizes a thorough knowledge of technical aspects of the following areas: IT Audits, IT Risk Management, Information Security and/or Technical Privacy. Demonstrates thorough technical and operational Information Security knowledge, and/or standard industry practices relating to the areas of Information Security & Technical Privacy, in order to assist Charter with the assessment and improvement of its security infrastructure
Demonstrates thorough knowledge of performing IT Risk & Security assessments across a broad range of technologies, leveraging thorough technical and operational knowledge of Information Security best practices and industry standards to define the security controls and processes that are appropriate for the Charter
Demonstrates thorough experience as an auditor or Information Security analyst in a professional services firm or large enterprise, which includes
Interfacing with internal external customers on control solutions
Leading the planning and execution of projects in the following areas: Information Security, Risk Management, Technical Privacy/Compliance, IT Security Audit, and / or IT Risk Management
Demonstrates thorough abilities with the utilization of network and application security assessment tools and methodologies to manage and address security and control issues with the following technologies: UNIX, Windows Servers, databases (Oracle, SQL, DB2, etc), mainframe, firewalls, routers, wireless environments, mobile devices, and cloud computing
Demonstrates thorough abilities with performing the following as it relates to Information Security strategy, organization, policy and Governance: information security, IT audits, risk assessments, network and application penetration testing and security assessments, intrusion detection, vulnerability/risk validation, and secure application development
Demonstrates thorough abilities to identify and address business sponsor needs: actively participating in business sponsor discussions and meetings; communicating a broad range of services; managing engagements including preparing concise, accurate documents and balancing project economics management with the occurrence of unanticipated issues
6 years of experience in IT Risk Management and/or IT Internal Audit including experience in Information Security & Technical Privacy

Assoc Spclst IT Risk Mgmt Resume Examples & Samples

Collaborates with IT Security management on proposed enhancements to enterprise security assessment tools, policies and procedures
Supports vulnerability assessments utilizing IT Security tools and methodologies. Summarizes risk posture across the Health System or within specific business units
Works with management to identify opportunities to reduce risk within the Health System including detection and remediation of vulnerabilities, compliance with regulatory requirements and audit readiness
Makes recommendations for corrective actions and documents management decisions regarding acceptance or mitigation of risk scenarios
Facilitates and monitors performance and compliance of risk remediation tasks. Reports on findings and status of corrective action plans
Liaises with Health System’s partners and vendors regarding the security maintenance of their systems and applications
Creates and presents changes related to risk mitigation to Change Authorization Board, as needed
Provides weekly status on project status, including outstanding issues
Participates in the development of ‘security awareness’ education and training, as necessary
Performs related duties, as required
Bachelor’s Degree in Information Security, Audit or related field, required, AND a minimum of two (2) years progressively responsible experience in Information Systems, required

IT Risk Management Resume Examples & Samples

Contract through May 2018
W2 basis only- No sponsorship
Cary, NC

Manager, IT Risk Assessment Resume Examples & Samples

Identify risks which might occur
Stay knowledgeable of current advances in all areas of information technology concerning vulnerabilities, security breaches or malicious attacks
Continuously evaluate communication security, data vulnerability, business continuity, and compliance risks
Identify vulnerabilities or weaknesses in systems
Examine employee compliance with security controls and deficiencies
Evaluate security policy, processes and procedures for completeness
Ensure that controls are adequate to protect sensitive information systems
Clearly document and define risks and potential impacts of an event and identify systems affected by the defined risk
Assist in identifying breaches in security or tracking the source of an unauthorized intrusion
Identify defensive steps to take, including necessary firewalls, security software and data encryption
Work with the COM ITS to ensure that infrastructure and applications patching and remediation be done
Communicate recommended business continuity preparations and controls, including deficiencies, to business units
Recommend improvements in network security, identity management and logging
Bachelor’s degree in Information Technology or a related area AND three years of information technology experience which may include systems administration, network systems administration, applications design/development which would include a minimum of two years information security specific experience; OR, seven years of progressive information technology experience which may include systems administration, network systems administration, applications design/development which would include a minimum of two years information security specific experience; OR, any equivalent combination of experience, training and/or education
Management expertise in determining and recommending actions and affecting change across the College, providing a clear understanding and the information necessary for departments and individuals to carry out their responsibilities for information security risk management
Security specific certification such as CISSP, various GIAC (such as GCED, GPPA), or CISM
In-depth experience addressing the technical controls of at least one of the following: PCI-DSS, HIPAA, GLBA, FERPA, NIST 800-171
Experience leading complex security-related projects
Experience working in an academic medicine, research, or patient care organization

VP-it Risk Assessment & Arch Resume Examples & Samples

Provide security architecture designs and security consulting services for enterprise IT projects that cross multiple platforms and ensure alignment with Moody’s security architecture
Conduct security assessments and manage remediation activities for in-house developed applications – must have a strong understanding of secure-coding standards and practices. Be able to evaluate of vendor developed code and security designs and determine if there are vulnerabilities in the delivered solutions
Act as a liaison to Moody’s Enterprise Architecture Group, ensuring security designs is incorporate architecture best practices such as TOGAF and SABSA frameworks
Work directly with product and development managers to track and remediate application vulnerabilities
Represent Information Risk on organizational project teams and ensure adherence to existing security policies ,standards, and identified reference architectures
Support the creation of and adherence to Cyber-Security and Information Security Reference Architectures by developing reusable patterns for security
Represent Security Architecture at both the Moody’s Software Development Life Cycle forum and Product Development Life Cycle reviews
Evaluate security concerns with new and emerging technologies with particular focus on Cloud, SaaS, and PaaS; knowledge of MS Azure / AWS is a plus
Own the successful delivery of Information Security projects and services for our customers by working directly with key business stakeholders
Minimum of 10 years of experience in the IT industry, with significant portion of the time spent in security architecture or engineering roles
Ability to articulate the business risk associated with identified security weaknesses
Knowledge of the software development methodologies, including waterfall, agile, and DevOps
Strong knowledge of regulatory standards that govern Information Security practices within the Financial Industry such as SOX, PCI, and state and federal privacy laws
Knowledge of Identity and Access Management (IAM) technologies such as Identity Management platforms, Active Directory, Authentication/Authorization protocols, Provisioning, and Single Sign On technologies
Strong written and oral communication skills including the ability to interact directly with customers that do not have an IT background
Strong presentation skills involving large and of varying IT background audiences

VP-it Risk Assessment & Arch Resume Examples & Samples

Own the security roadmap by working with security technology owners and delivery leaders to develop multi-year plans that align capabilities with risks and threats
Develop executive presentations on information risk and security
Work with security project teams to ensure that project deliverables are aligned with the security roadmap, control program and risk management process
Stay abreast of information security issues and regulatory changes affecting public companies. Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position
10– 14 years or more of enterprise level information security program management role Requires good interpersonal skills, ability to function in a fast paced, short-deadline environment, and the ability to come up with innovative cost-effective decisions
Subject matter expert that is able to speak with authority about the current security technology landscape and has direct experience with two or more of the following domains: Identity Management, Security Monitoring, Incident Response, Network Security, Public Cloud, API Management, Security Frameworks (e.g. NIST)

Manager IT Risk Management Resume Examples & Samples

Collaborate with various IT departments and control owners to understand, assess and address operational risks and exposures through a risk and control self-assessment process
Maintain the 2015 COSO Framework mapping documentation and gap assessment and follow-up on remediation if necessary
Monitor SOX related IT controls as well as overseeing change management for work processes
Identify and recommend changes to improve efficiency as well as process for IT key controls and process flow
Conduct an analysis of internal policies, guidelines, procedures and processes to evaluate the accuracy and adequacy of internal controls, operations, and reporting. Included within this responsibility is the facilitation of the Sox/404 process
Identify and mitigate areas of risk which might arise from inadequate or failed internal processes or systems
Team with internal and external audit to review the results of SOX testing and work with line-of-business owners to resolve deficiencies and further refine/define controls
Assist with procedures to monitor those risks and related drivers using key risk indicators. Make recommendations to address and mitigate identified risks
Execute the operational risk and control self-assessment process and measurement program utilizing risk control tools and key risk indicators including all core products, activities, processes and systems
Provide direction and support to the IT Controls Owners for the design, collection, analysis and reporting of operational risk data
Update and maintain the SOX control database; oversee the execution of control testing, review test work papers for quality and act as SOX SME for process
Participate with other Risk Management teams (compliance, credit, market risk) to identify current and emerging risk exposures and develop appropriate risk mitigation strategies
Support other responsibilities of the Operational Risk Department
BA/BS degree preferred with a strong academic record
At least 8+ years’ experience with an emphasis on evaluation of internal controls or operational risk in one or more of the following areas: IT Processes and General Controls, operational/enterprise risk management, audit, accounting, Sarbanes Oxley compliance

Director, IT Risk Management Infrastructure Resume Examples & Samples

Establish a partnership with the first line business leaders and teams in Technology Infrastructure to identify, assess and actively manage risk across that function in accordance with the E*TRADE’s Enterprise Risk Management program provide effective challenge
Actively manage risk according to oversight and regulatory requirements including governance, metrics, RCSA ongoing oversight, coaching and Quality Reviews, application risk assessments and infrastructure technology assessments
Provide ongoing oversight & guidance to the first line to identify, document, track and mitigate risks and technology incidents according to established Issues Management and Risk Acceptance processes identified in the ORM Policy and within the risk system of record. Help to define action plans to track gaps/needs across the technology organization
Become the point of contact and the second line owner during regulatory exams of IT risk and other exams affecting Technology Infrastructure, when necessary
Participate in Technology Governance as required
Complete risk assessments, determine mitigating controls, conduct closing meetings, document thorough IT Risk reports, and identify/track the corrective action through Management Action Plans (MAPs) as required
Develop an ongoing partnership with other second line risk leaders of the Technology organization

Director, IT Risk Management Resume Examples & Samples

Establish a partnership with the first line business leaders and teams in InfoSec to identify, document, assess, and actively manage risk across that function in accordance with the E*TRADE’s Enterprise Risk Management program provide effective challenge
Actively manage risk according to oversight and regulatory requirements including governance, metrics, RCSA ongoing oversight, coaching and Quality Reviews, and application risk assessments
Provide ongoing oversight & guidance to the first line to identify, document, track and mitigate risks and technology incidents in accordance with the established Issues Management and Risk Acceptance processes identified in the ORM Policy and within the risk system of record. Help to define action plans to track gaps/needs across the InfoSec organization
Become the point of contact and the second line owner during regulatory exams of IT risk and other exams affecting InfoSec, when necessary
Provide reporting, metrics, risk appetite statement updates and testing as needed
Good understanding of security protocols and authentication schemes
Experience with DLP and cyber security tools and methods. Knowledge of security controls for handling of Personally Identifiable Information (PII) data
Familiarity with network security architecture and firewall technology
Prior experience in IT Risk Management, Privacy Impact Analysis, or IT Audit Methodology strongly desired
Knowledge of regulations and security compliance requirements affecting financial institutions
Excellent organizational, written, presentation and verbal skills

Download IT Risk Resume Sample as Image file

Related Job Titles

Risk & Controls Resume Sample

Risk Modeler Resume Sample

Risk Director Resume Sample

IT Risk Manager Resume Sample

CIB Risk Resume Sample

Risk Head Resume Sample

Risk Oversight Resume Sample

Risk Mgr Resume Sample

Risk Adjustment Resume Sample

Intern, Risk Resume Sample

Manager, Risk Resume Sample

Product Risk Resume Sample

Browse More

IT Risk Resume Samples

The Guide To Resume Tailoring

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Resume Builder

15 IT Risk resume templates

Read our complete resume writing guides

How to Tailor Your Resume

How to Make a Resume

How to Mention Achievements

Work Experience in Resume

50+ Skills to Put on a Resume

How and Why Put Hobbies

Top 22 Fonts for Your Resume

50 Best Resume Tips

200+ Action Words to Use

Internship Resume

Killer Resume Summary

Write a Resume Objective

What to Put on a Resume

How Long Should a Resume Be

The Best Resume Format

How to List Education

CV vs. Resume: The Difference

Include Contact Information

Resume Format PDF vs Word

How to Write a Student Resume

North Asia IT Risk Administrator Resume Examples & Samples

Director, IT Risk Domains Resume Examples & Samples

IT Risk Policy Specialist Resume Examples & Samples

Head of IT Risk TIS Resume Examples & Samples

IT Risk Assessment Resume Examples & Samples

IT Risk Transformation Manager Resume Examples & Samples

Director, IT Risk Resume Examples & Samples

Manager, IT Risk Policy Resume Examples & Samples

IT Risk Transformation Manager Resume Examples & Samples

IT Risk Team Lead Resume Examples & Samples

IT Risk Section Manager Resume Examples & Samples

IT Risk Consultants Resume Examples & Samples

Manager, IT Risk Policy Resume Examples & Samples

Regional Head of IT Risk, Asia Pacific Resume Examples & Samples

Director IT Risk, &TS, Europe & Asia Resume Examples & Samples

IT Risk Remediation Portfolio Manager Resume Examples & Samples

IT Risk Policies & Standards Lead Resume Examples & Samples

IT Risk Section Manager Resume Examples & Samples

IT Risk Services Resume Examples & Samples

VP Mgr-it Risk Assessment & Arch Resume Examples & Samples

Avp-it Risk & Architecture Resume Examples & Samples

Avp-it Risk Resume Examples & Samples

Manager, IT Risk Management Resume Examples & Samples

CCB IT Risk Secops Lead Resume Examples & Samples

IT Risk Management, AVP Resume Examples & Samples

IT Risk Avp Resume Examples & Samples

IT Risk Resume Examples & Samples

IT Risk Remediation Resume Examples & Samples

Director, IT Risk Management Resume Examples & Samples

IT Risk Resume Examples & Samples

IT Risk Management Resume Examples & Samples

Senior.group Mgr, IT Risk Mgmnt Resume Examples & Samples

VP-it Risk Assessment & Arch Resume Examples & Samples

SVP Mgr-it Risk Management Resume Examples & Samples

IT Risk Assessment Team Lead Resume Examples & Samples

IT Risk Leader, PMP Resume Examples & Samples

Senior Director IT Risk Management Resume Examples & Samples

Lead Manager, IT Risk Management Resume Examples & Samples

Director IT Risk Management Resume Examples & Samples

VP IT Risk Management Resume Examples & Samples

Spclst IT Risk Mgmt Resume Examples & Samples

Spclst IT Risk Mgmt Resume Examples & Samples

Avp-it Risk Assessment & Arch Resume Examples & Samples

VP-it Risk Assessment & Arch Resume Examples & Samples

IT Risk Services Manager Resume Examples & Samples

Manager, IT Risk Resume Examples & Samples

Mgr, IT, Risk Assessments Resume Examples & Samples

Assoc Spclst IT Risk Mgmt Resume Examples & Samples

IT Risk Management Resume Examples & Samples

Manager, IT Risk Assessment Resume Examples & Samples

VP-it Risk Assessment & Arch Resume Examples & Samples

How to Make
a Resume

50 Best
Resume Tips

200+ Action
Words to Use

Internship
Resume