Contract: IT Risk & Controls Specialist / USA
This job has expired or may no longer be taking applications, but other similar jobs are available.
Added: 2020-04-07
Location: Houston, USA
Salary: Competitive
Duration: Contract
Location: Houston, Texas
Position Overview:
Aid in establishing and maintaining our client's overall IT risk & controls management program, which is designed to ensure that the company’s IT systems and information assets are adequately protected. Identify, assess and report on information security risks in a manner that meets our client's regulatory and other compliance requirements, including but not limited to NIST SP800-53.
Responsibilities:
- Aid in the further development and maturation of the IT Security Risk Management Program and overall tools.
- Update and develop formal Risk Management Policies and Procedures.
- Maintain a Risk Controls Matrix (RCM) that aligns with applicable regulatory and compliance requirement frameworks.
- Work alongside IT Risk & Controls Manager and other IT Security Leads to ensure IT compliance-related risks are documented and managed to the appropriate level of acceptable residual risk.
- Maintain an IT Risk Register that will track and address identified risks according to severity and potential impact to the organization.
- Facilitate IT compliance of identified controls (ITGCs, Application, Cloud, Cybersecurity, etc.) related to the execution of risk assessments associated with IT Business network changes.
- Ensure proper identification, documentation, and approval of Policy/Control exceptions and risk acceptance activities.
- Report the levels of IT compliance risk and control effectiveness to key stakeholders such as IT- business unit management, senior management, board of directors, legal management, regulators, internal/external auditors, etc.
- Perform other duties as assigned
Experience and Qualifications Required:
- Bachelor’s degree in Business Administration, Library Sciences, or related field of academic study; 7+ years of experience can be substituted for a college degree.
- Broad working knowledge of NIST Cybersecurity Framework, International Organization for Standardization (ISO) 27001 and 27002, Chemical Facility Anti-Terrorism Standards (CFATS), and overall best business practices associated with IT Security.
- Strong ability to think creatively when approaching issues.
- Strong critical thinking and problem-solving skills.
- Ability to think strategically and innovatively, including a demonstrable capacity to proactively identify and respond to relevant IT Risk related issues of both long-term and immediate importance to the Company.
- Ability to present ideas in business-friendly and user-friendly language.
- Exceptionally self-motivated, self-directed and detail-oriented.
- Strong level of experience using the MS suite of Products.
- Ability to establish credibility and working relationships with a wide range of corporate personnel, including operations, management, executive and legal staff as well as external personnel, including auditors and regulators.