- Information Technology Risk Management
- Information / Cyber Security Assessments - security vulnerability evaluations assessments
- IT Risk / Security and Control Assessments and Remediation
- IT Governance and Oversight - Risk and Performance Metrics Reporting
- IT Audit and Risk Coordination
- IT and Governance Documentation - Develop, Document, Maintain, Implement, Communicate, - Policies, Standards, Processes, Process Flows and Procedures
-
Information Risk/Security Consultant
1 week ago
Paladin Consulting Dallas, United StatesJob Title: Information Risk/Security Consultant · Work Location: Remote · Duration: Long-term contract with option to hire · Job Description: · We are seeking an Information Technology Governance Risk / Security Controls Consultant to join our Information Technology Team. This ...
-
Risk Consulting
1 day ago
EY Dallas, United StatesEY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. · At EY, youll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the ...
-
Risk Consulting
3 days ago
EY Dallas, United StatesEY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY, youll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the be ...
-
Risk Consulting
1 week ago
EY Dallas, TX, United StatesEY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the b ...
-
Risk Consulting
1 week ago
EY Dallas, United StatesEY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. · At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become th ...
-
Risk Consulting
2 days ago
Ernst & Young Advisory Services Sdn Bhd Dallas, United StatesPress Tab to Move to Skip to Content Link · Other locations: · Anywhere in Region · Date: · May 15, 2024 · Requisition ID: · 1499099 · EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY, you'l ...
-
Risk Consultant
5 days ago
AXA SA Dallas, United StatesProperty Risk Consultant - Field Engineer · Dallas, TX I Houston, TX I New Orleans, LA I Little Rock, AR I USA · In a world ever more complex and unpredictable, large and corporate companies need an effective partner to improve their risk profile. AXA XL Risk Consulting is a di ...
-
Risk Consultant
3 weeks ago
AXA Dallas, United StatesProperty Risk Consultant - Field Engineer Dallas, TX I Houston, TX I New Orleans, LA I Little Rock, AR I USA In a world ever more complex and unpredictable, large and corporate companies need an effective partner to improve their risk profile. AXA XL Risk Consulting is a division ...
-
Risk Consultant
3 weeks ago
AXA Dallas, United StatesProperty Risk Consultant – Field Engineer · Dallas, TX I Houston, TX I New Orleans, LA I Little Rock, AR I USA · In a world ever more complex and unpredictable, large and corporate companies need an effective partner to improve their risk profile. AXA XL Risk Consulting is a divi ...
-
Risk Consultant
2 weeks ago
Marsh & McLennan Companies Dallas, United StatesCompany: · Description: · Risk Consultant - Transportation · Our not-so-secret sauce. · Award-winning, inclusive, Top Workplace culture doesn't happen overnight. It's a result of hard work by extraordinary people. More than 10,000 of the industry's brightest talent drive our e ...
-
Risk Consultant
2 weeks ago
Aon Hewitt Dallas, United StatesRisk Consultant- Director of Property- 100% remote or hybrid · Are you ready to begin a new challenge and work with the best Insurance Professionals in the business? Then this just maybe the new opportunity you are looking for · Work with one of the largest and most interesting M ...
-
Risk Consultant
2 weeks ago
MMC Dallas, United States Full timeRisk Consultant - Transportation · Our not-so-secret sauce. · Award-winning, inclusive, Top Workplace culture doesn't happen overnight. It's a result of hard work by extraordinary people. More than 10,000 of the industry's brightest talent drive our efforts to deliver purposeful ...
-
Risk Consultant
3 weeks ago
Marsh McLennan Agency Dallas, United States OTHERRisk Consultant – Transportation · Our not-so-secret sauce. · Award-winning, inclusive, Top Workplace culture doesn't happen overnight. It's a result of hard work by extraordinary people. More than 10,000 of the industry's brightest talent drive our efforts to deliver purposeful ...
-
Senior Security Risk
3 weeks ago
Triumph Financial Dallas, United StatesJoin TriumphX · TriumphX, a member of the Triumph Financial portfolio of brands, provides a concentration of technology and project management resources the members of the Triumph Financial portfolio of brands - TriumphPay, Triumph and TBK Bank - via a shared service model. We'r ...
-
Risk and Compliance Consultant
2 weeks ago
Raas Infotek Dallas, United StatesJob Title: Risk and Compliance Consultant · Location: Dallas TX 75202 · Mode : Contract (Day 1 Onsite) · Work-Experience: · Total 5-7 years in IT Technical role with at least 4 years' experience in Information Security and exposure to regulatory audits and testing. · Type of E ...
-
Risk and Compliance Consultant
1 week ago
Cynet Systems Dallas, United StatesJob Description: · Responsibilities: Work with internal/external teams to understand the security audit requirements and deliver against project plans. · Build NERC CIP control testing procedure based on IT Environment and manage Compliance. · Perform NERC CIP control testing ...
-
Risk and Compliance Consultant
2 weeks ago
Cynet Systems Dallas, United StatesJob Description: · Responsibilities: Work with internal/external teams to understand the security audit requirements and deliver against project plans. · Build NERC CIP control testing procedure based on IT Environment and manage Compliance. · Perform NERC CIP control testing f ...
-
Junior Risk Consultant
3 weeks ago
RENNICKBARRETT RECRUITING Dallas, TX, United States Full timeHealthcare / Health Services - PharmacyJob Category: Medical / Health - PharmacyWith a startup spirit and 90,000+ curious and courageous minds, we have the expertise to go deep with the world's biggest brands—and we have fun doing it. Transformation happens here. Inviting applica ...
-
Risk and Compliance Consultant
2 weeks ago
Yochana IT Dallas, United StatesJob Description · Job DescriptionWork-Experience: Total 5-7 years in IT Technical role with at least 4 years' experience in Information Security and exposure to regulatory audits and testing. · Type of Experience: · Information Security Co-ordination and administration to handle ...
-
Security Risk and Compliance Associate
2 weeks ago
Triumph Financial Dallas, United StatesJoin TriumphX · TriumphX provides a concentration of technology and project management resources the members of the Triumph Financial portfolio of brands - TriumphPay, Triumph and TBK Bank - via a shared service model. We're looking for top tech and project management talent to ...
Information Risk/Security Consultant - Dallas, United States - Ashley Ellis
Description
Job Title:
Information Risk/Security Consultant
Work Location:
Remote
Duration:
Long-term contract with option to hire
Job Description:
We are seeking an
Information Technology Governance Risk / Security Controls Consultant
to join our Information Technology Team.
This is a unique opportunity to join a dynamic team who is looking to streamline and automate manual processes, build / develop and implement solutions that will allow us to work smarter, not harder and add value to the business while reducing our IT risk profile, within a dynamic, fast growing organization.
This role will report into the Director of IT Governance and will work along with the other team members to provide support with all Information Technology and Security related processes, procedures, related to IT Governance, Risk and Controls activities.
Responsible for ensuring that Organizational IT Policies, Standards and Control Objectives are being met, and Industry best practices, standards, and mandatory legislation and regulations are utilized and considered when developing / updating and implementing processes and procedures within the Information Technology department, and ensure conformance with the Information Technology Risk Management and Governance Framework, in place as defined by the client's Second line of Defense, and also interact and work with Information Technology Process Owners, Business, within the First line of Defense, Second Line of Defense and Third line of Defense (Audit), as well as other functions such as Risk, Compliance, Legal, Third-Party Risk Management, Enterprise Information Security, taking into consideration the current maturity of IT as well as evolving needs of all stakeholders.
Work closely with the Director of IT Governance, IT Management, Business Management and other MFS personnel to effectively communicate the IT Governance, Risk and Control practices, help establish an understanding and awareness of the IT Governance, Risk and Control Management and Oversight within MFS USA.
Perform Risk Control Self Assessments (RCSA), IT Risk and Control Assessments such as Secure Coding practice reviews, Vulnerability Assessments, PenTesting, etc.,.
Ability to assess issues and propose viable solutions, develop remediation action plans, and manage projects and initiatives to successful completion.
Ability to automate and provide technological solutions to improve manual processes as well as manage the coordination and implementation of the solutions, information and associated technologies Ensure that the respective accountable IT functional heads are contributing to the success of the initiative, providing input into the IT Service Levels, Risk and Performance management reporting.
KEY AREAS OF RESPONSIBILITY
Responsibilities:
Perform Risk Controls Self Assessments (RCSAs), other Controls, Risk, Vulnerability and Maturity assessments (FFIEC, FFIEC CAT, NIST, etc)
Coordinate, conduct and lead meetings with stakeholders to obtain an understanding of their processes, procedures, controls and IT Risk / Security practices
Document processes, process flows, procedures, and assist with the development of controls to remediate risks
Perform Controls testing, collect supporting evidence, evaluate and assess, for any gaps or exceptions, and report any observations ,
Assist stakeholders by proposing and determining viable options to remediate any gaps, exceptions or issues to address the risks, as well as assist with providing Management responses for the gaps, exceptions or issues to assessors / issuers.
Assist with developing, implementation and managing action plans for the proposed solutions to ensure successful implementation in a timely mannerManage remediation actions, Track monitor and report on the remediation actions and report status to IT Management and stakeholders
Develop, Create, Generate and Produce Risk and Performance based metric reporting to communicate to stakeholders, to demonstrate IT conformance and performance to the IT related processes, procedures, and controls
Coordinate and communicate with other MFS US / Global Management, Business and shared services, transversal functions
Act as a liaison,participate in meetings and communicate client CUSO related initiatives to MFS US stakeholders, such as IT Management, personnel, Operational Risk Management, SLOD - second line of defense and business stakeholders
Review and validate Third-Party Network Connectivity (TPNC) Requests, conduct reviews and recertifications of TPNC
Perform Access / Entitlement Recertification Reviews, Review, Evaluate and Approve Access Requests
Assist with providing and collecting information for Request for Information (RFIs) from business stakeholders and clients
Liaison with Internal Audit, Second Line of Defense and First Line of Defense, Third-Party Risk Management and coordinate efforts with MFS stakeholders, collect and provide requested information in timely manner, track and report status to IT Management
Assist with the continuous development and enhancement of IT Risk Management, Information Security and Governance activities, automation of manual processes, integrating systems and tools to enable the team to perform daily activities more efficiently
Assist with the pre and post evaluation / assessments of proposed and existing Information Technology applications, tools and systems, both in-house developed, COTS - Commercial off the Shelf, and third-party SaaS, PaaS solutions, identify known risks, issues and vulnerabilities, make proposals, perform evaluation and assessment prior to release into production to ensure issues and vulnerabilities have been addressed.
Assist with the facilitation, coordination, execution, tracking, monitoring and status reporting for the Information Technology, Risk and Security related training and awareness and phishing campaign programs (i.e. selection of courses topics, enrollment, tracking, monitor, report follow-up on progress to ensure successful completion in a timely manner)Assist with maintaining Policies, Standards, Procedures, Risk and Controls
Assist with the development, implementation and maintenance of the IT risk register and controls library in ServiceNow, Develop and Maintain Risk and Controls, Dashboards for Transparency and Visibility to IT Management and other Stakeholders
Assist with the development, scheduling and maintenance of the IT Governance, Risk / Security and Control activities and tasks dashboard
Assist with the development and maintenance the IT Governance, Risk / Security documentation such as standard operating procedures and training materials
Faciliate annual review and update of Information Technology Procedures and ensure they are reviewed, updated, completed and published on time.
Skills & Qualifications:
A Bachelor's Degree in a related area such as; Computer Science or Information Technology.
7+ years Information Technology / Information Risk Management, Information / Cyber Security experience / expertise (Hands-on Infrastructure - Networking, Windows Server OS, Development and / or MS SQL Database Management experience is a plus)
Risk-related industry-standard qualifications such as CISSP, CRISC, CISA, CISM, CGEIT, CEH, would be a strong recommendation.
Advantage will be COBIT, ISO2700X, FFIEC, NIST and ITIL.
Experience in compliance frameworks for Information Technology Risk and Security Information Security, & IT
Governance Standards:
ISO27001, PCI-DSS, COBIT, OWASP
Strong risk assessment / audit capabilities
Proficient / Advance skills with MS Office / O36- Excel, Word, Visio, Powerpoint Office, Sharepoint, MS Visual Basics, Tableau or other Data Manipulation / Data Analysis / Data Visualization tools, ability to develop scripts will be a plus, (e.g PowerShell, python, or other scripting languages)
Hands on experience with Information Technology systems and tools utilized in areas such as:
Risk Management GRC / IRM tools (ServiceNow, Archer, Open Pages), ITSM (ServiceNow), Identity Access Management IAM / PAM Privilege Access Management ( PAM) tools, (O365 / Azure AD, Sailpoint, CyberArk) Cloud Computing (AWS, Snowflake), Information Security (Nessus, Splunk, Qualys, Nexpose) and Development (TFS - Team Foundation Server, MS Visual Studio, .
Net web-development, IIS), Networking (Firewall, routers, switchers), Infrastructure / Software (Windows OS / AD, Azure AD, MS SQL-database administration / management, Business Intelligence tools (Tableau, PowerBI, and other platforms utilized withinthe Financial Services / Private Equity / Fund Administration / Banking or other industriesFor more information or to view other opportunities, visit us at
Paladin Consulting is an EEOC employer.
#J-18808-Ljbffr