Jobs
>
Dallas

    Information Risk/Security Consultant - Dallas, United States - Ashley Ellis

    Ashley Ellis
    Ashley Ellis Dallas, United States

    2 weeks ago

    Default job background
    Description

    Job Title:
    Information Risk/Security Consultant

    Work Location:
    Remote

    Duration:
    Long-term contract with option to hire


    Job Description:
    We are seeking an

    Information Technology Governance Risk / Security Controls Consultant

    to join our Information Technology Team.

    This is a unique opportunity to join a dynamic team who is looking to streamline and automate manual processes, build / develop and implement solutions that will allow us to work smarter, not harder and add value to the business while reducing our IT risk profile, within a dynamic, fast growing organization.


    This role will report into the Director of IT Governance and will work along with the other team members to provide support with all Information Technology and Security related processes, procedures, related to IT Governance, Risk and Controls activities.

    Responsible for ensuring that Organizational IT Policies, Standards and Control Objectives are being met, and Industry best practices, standards, and mandatory legislation and regulations are utilized and considered when developing / updating and implementing processes and procedures within the Information Technology department, and ensure conformance with the Information Technology Risk Management and Governance Framework, in place as defined by the client's Second line of Defense, and also interact and work with Information Technology Process Owners, Business, within the First line of Defense, Second Line of Defense and Third line of Defense (Audit), as well as other functions such as Risk, Compliance, Legal, Third-Party Risk Management, Enterprise Information Security, taking into consideration the current maturity of IT as well as evolving needs of all stakeholders.


    Work closely with the Director of IT Governance, IT Management, Business Management and other MFS personnel to effectively communicate the IT Governance, Risk and Control practices, help establish an understanding and awareness of the IT Governance, Risk and Control Management and Oversight within MFS USA.

    Perform Risk Control Self Assessments (RCSA), IT Risk and Control Assessments such as Secure Coding practice reviews, Vulnerability Assessments, PenTesting, etc.,.

    Ability to assess issues and propose viable solutions, develop remediation action plans, and manage projects and initiatives to successful completion.


    Ability to automate and provide technological solutions to improve manual processes as well as manage the coordination and implementation of the solutions, information and associated technologies Ensure that the respective accountable IT functional heads are contributing to the success of the initiative, providing input into the IT Service Levels, Risk and Performance management reporting.


    KEY AREAS OF RESPONSIBILITY

    • Information Technology Risk Management
    • Information / Cyber Security Assessments - security vulnerability evaluations assessments
    • IT Risk / Security and Control Assessments and Remediation
    • IT Governance and Oversight - Risk and Performance Metrics Reporting
    • IT Audit and Risk Coordination
    • IT and Governance Documentation - Develop, Document, Maintain, Implement, Communicate, - Policies, Standards, Processes, Process Flows and Procedures

    Responsibilities:
    Perform Risk Controls Self Assessments (RCSAs), other Controls, Risk, Vulnerability and Maturity assessments (FFIEC, FFIEC CAT, NIST, etc)
    Coordinate, conduct and lead meetings with stakeholders to obtain an understanding of their processes, procedures, controls and IT Risk / Security practices
    Document processes, process flows, procedures, and assist with the development of controls to remediate risks
    Perform Controls testing, collect supporting evidence, evaluate and assess, for any gaps or exceptions, and report any observations ,

    Assist stakeholders by proposing and determining viable options to remediate any gaps, exceptions or issues to address the risks, as well as assist with providing Management responses for the gaps, exceptions or issues to assessors / issuers.

    Assist with developing, implementation and managing action plans for the proposed solutions to ensure successful implementation in a timely manner
    Manage remediation actions, Track monitor and report on the remediation actions and report status to IT Management and stakeholders
    Develop, Create, Generate and Produce Risk and Performance based metric reporting to communicate to stakeholders, to demonstrate IT conformance and performance to the IT related processes, procedures, and controls
    Coordinate and communicate with other MFS US / Global Management, Business and shared services, transversal functions
    Act as a liaison,participate in meetings and communicate client CUSO related initiatives to MFS US stakeholders, such as IT Management, personnel, Operational Risk Management, SLOD - second line of defense and business stakeholders
    Review and validate Third-Party Network Connectivity (TPNC) Requests, conduct reviews and recertifications of TPNC
    Perform Access / Entitlement Recertification Reviews, Review, Evaluate and Approve Access Requests
    Assist with providing and collecting information for Request for Information (RFIs) from business stakeholders and clients
    Liaison with Internal Audit, Second Line of Defense and First Line of Defense, Third-Party Risk Management and coordinate efforts with MFS stakeholders, collect and provide requested information in timely manner, track and report status to IT Management
    Assist with the continuous development and enhancement of IT Risk Management, Information Security and Governance activities, automation of manual processes, integrating systems and tools to enable the team to perform daily activities more efficiently

    Assist with the pre and post evaluation / assessments of proposed and existing Information Technology applications, tools and systems, both in-house developed, COTS - Commercial off the Shelf, and third-party SaaS, PaaS solutions, identify known risks, issues and vulnerabilities, make proposals, perform evaluation and assessment prior to release into production to ensure issues and vulnerabilities have been addressed.

    Assist with the facilitation, coordination, execution, tracking, monitoring and status reporting for the Information Technology, Risk and Security related training and awareness and phishing campaign programs (i.e. selection of courses topics, enrollment, tracking, monitor, report follow-up on progress to ensure successful completion in a timely manner)
    Assist with maintaining Policies, Standards, Procedures, Risk and Controls
    Assist with the development, implementation and maintenance of the IT risk register and controls library in ServiceNow, Develop and Maintain Risk and Controls, Dashboards for Transparency and Visibility to IT Management and other Stakeholders
    Assist with the development, scheduling and maintenance of the IT Governance, Risk / Security and Control activities and tasks dashboard
    Assist with the development and maintenance the IT Governance, Risk / Security documentation such as standard operating procedures and training materials

    Faciliate annual review and update of Information Technology Procedures and ensure they are reviewed, updated, completed and published on time.


    Skills & Qualifications:
    A Bachelor's Degree in a related area such as; Computer Science or Information Technology.
    7+ years Information Technology / Information Risk Management, Information / Cyber Security experience / expertise (Hands-on Infrastructure - Networking, Windows Server OS, Development and / or MS SQL Database Management experience is a plus)
    Risk-related industry-standard qualifications such as CISSP, CRISC, CISA, CISM, CGEIT, CEH, would be a strong recommendation.
    Advantage will be COBIT, ISO2700X, FFIEC, NIST and ITIL.
    Experience in compliance frameworks for Information Technology Risk and Security Information Security, & IT

    Governance Standards:
    ISO27001, PCI-DSS, COBIT, OWASP
    Strong risk assessment / audit capabilities
    Proficient / Advance skills with MS Office / O36- Excel, Word, Visio, Powerpoint Office, Sharepoint, MS Visual Basics, Tableau or other Data Manipulation / Data Analysis / Data Visualization tools, ability to develop scripts will be a plus, (e.g PowerShell, python, or other scripting languages)

    Hands on experience with Information Technology systems and tools utilized in areas such as:

    Risk Management GRC / IRM tools (ServiceNow, Archer, Open Pages), ITSM (ServiceNow), Identity Access Management IAM / PAM Privilege Access Management ( PAM) tools, (O365 / Azure AD, Sailpoint, CyberArk) Cloud Computing (AWS, Snowflake), Information Security (Nessus, Splunk, Qualys, Nexpose) and Development (TFS - Team Foundation Server, MS Visual Studio, .

    Net web-development, IIS), Networking (Firewall, routers, switchers), Infrastructure / Software (Windows OS / AD, Azure AD, MS SQL-database administration / management, Business Intelligence tools (Tableau, PowerBI, and other platforms utilized withinthe Financial Services / Private Equity / Fund Administration / Banking or other industries
    For more information or to view other opportunities, visit us at

    Paladin Consulting is an EEOC employer.
    #J-18808-Ljbffr
  • Paladin Consulting

    Information Risk/Security Consultant

    1 week ago

    Paladin Consulting Dallas, United States

    Job Title: Information Risk/Security Consultant · Work Location: Remote · Duration: Long-term contract with option to hire · Job Description: · We are seeking an Information Technology Governance Risk / Security Controls Consultant to join our Information Technology Team. This ...

  • EY

    Risk Consulting

    1 day ago

    EY Dallas, United States

    EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. · At EY, youll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the ...

  • EY

    Risk Consulting

    3 days ago

    EY Dallas, United States

    EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY, youll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the be ...

  • EY

    Risk Consulting

    1 week ago

    EY Dallas, TX, United States

    EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the b ...

  • EY

    Risk Consulting

    1 week ago

    EY Dallas, United States

    EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. · At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become th ...

  • Ernst & Young Advisory Services Sdn Bhd

    Risk Consulting

    2 days ago

    Ernst & Young Advisory Services Sdn Bhd Dallas, United States

    Press Tab to Move to Skip to Content Link · Other locations: · Anywhere in Region · Date: · May 15, 2024 · Requisition ID: · 1499099 · EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. At EY, you'l ...

  • AXA SA

    Risk Consultant

    5 days ago

    AXA SA Dallas, United States

    Property Risk Consultant - Field Engineer · Dallas, TX I Houston, TX I New Orleans, LA I Little Rock, AR I USA · In a world ever more complex and unpredictable, large and corporate companies need an effective partner to improve their risk profile. AXA XL Risk Consulting is a di ...

  • AXA

    Risk Consultant

    3 weeks ago

    AXA Dallas, United States

    Property Risk Consultant - Field Engineer Dallas, TX I Houston, TX I New Orleans, LA I Little Rock, AR I USA In a world ever more complex and unpredictable, large and corporate companies need an effective partner to improve their risk profile. AXA XL Risk Consulting is a division ...

  • AXA

    Risk Consultant

    3 weeks ago

    AXA Dallas, United States

    Property Risk Consultant – Field Engineer · Dallas, TX I Houston, TX I New Orleans, LA I Little Rock, AR I USA · In a world ever more complex and unpredictable, large and corporate companies need an effective partner to improve their risk profile. AXA XL Risk Consulting is a divi ...

  • Marsh & McLennan Companies

    Risk Consultant

    2 weeks ago

    Marsh & McLennan Companies Dallas, United States

    Company: · Description: · Risk Consultant - Transportation · Our not-so-secret sauce. · Award-winning, inclusive, Top Workplace culture doesn't happen overnight. It's a result of hard work by extraordinary people. More than 10,000 of the industry's brightest talent drive our e ...

  • Aon Hewitt

    Risk Consultant

    2 weeks ago

    Aon Hewitt Dallas, United States

    Risk Consultant- Director of Property- 100% remote or hybrid · Are you ready to begin a new challenge and work with the best Insurance Professionals in the business? Then this just maybe the new opportunity you are looking for · Work with one of the largest and most interesting M ...

  • MMC

    Risk Consultant

    2 weeks ago

    MMC Dallas, United States Full time

    Risk Consultant - Transportation · Our not-so-secret sauce. · Award-winning, inclusive, Top Workplace culture doesn't happen overnight. It's a result of hard work by extraordinary people. More than 10,000 of the industry's brightest talent drive our efforts to deliver purposeful ...

  • Marsh McLennan Agency

    Risk Consultant

    3 weeks ago

    Marsh McLennan Agency Dallas, United States OTHER

    Risk Consultant – Transportation · Our not-so-secret sauce. · Award-winning, inclusive, Top Workplace culture doesn't happen overnight. It's a result of hard work by extraordinary people. More than 10,000 of the industry's brightest talent drive our efforts to deliver purposeful ...

  • Triumph Financial

    Senior Security Risk

    3 weeks ago

    Triumph Financial Dallas, United States

    Join TriumphX · TriumphX, a member of the Triumph Financial portfolio of brands, provides a concentration of technology and project management resources the members of the Triumph Financial portfolio of brands - TriumphPay, Triumph and TBK Bank - via a shared service model. We'r ...

  • Raas Infotek

    Risk and Compliance Consultant

    2 weeks ago

    Raas Infotek Dallas, United States

    Job Title: Risk and Compliance Consultant · Location: Dallas TX 75202 · Mode : Contract (Day 1 Onsite) · Work-Experience: · Total 5-7 years in IT Technical role with at least 4 years' experience in Information Security and exposure to regulatory audits and testing. · Type of E ...

  • Cynet Systems

    Risk and Compliance Consultant

    1 week ago

    Cynet Systems Dallas, United States

    Job Description: · Responsibilities: Work with internal/external teams to understand the security audit requirements and deliver against project plans. · Build NERC CIP control testing procedure based on IT Environment and manage Compliance. · Perform NERC CIP control testing ...

  • Cynet Systems

    Risk and Compliance Consultant

    2 weeks ago

    Cynet Systems Dallas, United States

    Job Description: · Responsibilities: Work with internal/external teams to understand the security audit requirements and deliver against project plans. · Build NERC CIP control testing procedure based on IT Environment and manage Compliance. · Perform NERC CIP control testing f ...

  • RENNICKBARRETT RECRUITING

    Junior Risk Consultant

    3 weeks ago

    RENNICKBARRETT RECRUITING Dallas, TX, United States Full time

    Healthcare / Health Services - PharmacyJob Category: Medical / Health - PharmacyWith a startup spirit and 90,000+ curious and courageous minds, we have the expertise to go deep with the world's biggest brands—and we have fun doing it. Transformation happens here. Inviting applica ...

  • Yochana IT

    Risk and Compliance Consultant

    2 weeks ago

    Yochana IT Dallas, United States

    Job Description · Job DescriptionWork-Experience: Total 5-7 years in IT Technical role with at least 4 years' experience in Information Security and exposure to regulatory audits and testing. · Type of Experience: · Information Security Co-ordination and administration to handle ...

  • Triumph Financial

    Security Risk and Compliance Associate

    2 weeks ago

    Triumph Financial Dallas, United States

    Join TriumphX · TriumphX provides a concentration of technology and project management resources the members of the Triumph Financial portfolio of brands - TriumphPay, Triumph and TBK Bank - via a shared service model. We're looking for top tech and project management talent to ...