Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
17/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
17/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Responsibilities: Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Leading audits related to organization changes including business requirements definitions, technology implementations (eg, changes to the supported business processes), engagement and alignment of change initiatives to business objectives. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices. Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary. Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education. Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc. Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives. Planning, leading and reporting for risk-based and special request audit assignments. Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership. Developing and maintaining effective relationships with business groups and leadership and partnering with management. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience. Qualifications: Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions. Strong problem solving and analytical capabilities. Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports. Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion. Experience working in a complex, fast paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: [Required] Microsoft Office applications [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday Education and/or Experience: [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
Manager, Internal Audit - IT/Security Salary: open + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 5+ years of experience in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software. Security tools such as: CyberArk, Splunk, SailPoint Change management tools such as: ServiceNow, Jira, Confluence, GitHub Preferred Databases such as: Oracle, DB2, SQL Cloud-based solutions: AWS, Azure, Oracle Cloud, Workday Relevant Certifications Responsibilities Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality, and auditee experience.
17/05/2024
Full time
Manager, Internal Audit - IT/Security Salary: open + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 5+ years of experience in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software. Security tools such as: CyberArk, Splunk, SailPoint Change management tools such as: ServiceNow, Jira, Confluence, GitHub Preferred Databases such as: Oracle, DB2, SQL Cloud-based solutions: AWS, Azure, Oracle Cloud, Workday Relevant Certifications Responsibilities Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality, and auditee experience.
Manager, Internal Audit - IT/Security Salary: open + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 5+ years of experience in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software. Security tools such as: CyberArk, Splunk, SailPoint Change management tools such as: ServiceNow, Jira, Confluence, GitHub Preferred Databases such as: Oracle, DB2, SQL Cloud-based solutions: AWS, Azure, Oracle Cloud, Workday Relevant Certifications Responsibilities Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality, and auditee experience.
17/05/2024
Full time
Manager, Internal Audit - IT/Security Salary: open + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 5+ years of experience in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software. Security tools such as: CyberArk, Splunk, SailPoint Change management tools such as: ServiceNow, Jira, Confluence, GitHub Preferred Databases such as: Oracle, DB2, SQL Cloud-based solutions: AWS, Azure, Oracle Cloud, Workday Relevant Certifications Responsibilities Aid in the development of the risk assessment and comprehensive audit plan on an annual basis. Lead multiple audits and validations simultaneously. Defining and leading the execution of audit projects in accordance with the annual audit plan. Owning the audit quality, accuracy of results, and delivery in a timely manner. Ability to clearly articulate professional principles and standards (eg, AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls. Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation. Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality, and auditee experience.
Automotive Cyber Security Engineer (UNECE, R155, R156) Automotive Hybrid: 2 days per week in Crewe 6 months £550 per day PAYE Essential: This is not an IT Security role. This is automotive working on in-car applications and requires Embedded security knowledge and vehicle security controls. In short: Automotive Cyber Security Engineer required to join a prestigious automotive manufacturer in performing security-related activities. ABOUT THE ROLE We are seeking a Cyber Security Engineer to join the business on a temporary basis, at our Crewe campus working on a hybrid basis. The Cyber Security Engineer will report to Vehicle Cyber Security Manager. The role is responsible for the product cyber security engineering activities primarily focused around cyber security requirements, legislation analysis and interpretation and compliance to the client defined secure product development process. Responsibilities include: Assess, interpret and track new or amended cybersecurity security/software update management legislations to relevant functions and cascade interpretation to subject matter experts. Develop and or maintain security specifications for vehicle components and functions for all projects. Analyse and update cybersecurity requirements based on the applicable cyber security legislations for the project. Ensure traceability between regulations and requirements are maintained and available for audit purposes. Deliver cybersecurity work products aligned to the client's Secure Development Process (for eg TARA, security case, security plan, component security analysis). Update process templates or process flows based on lessons learnt and recommended improvements. SKILLS AND EXPERIENCE The successful applicant will be a delivery focused and experienced Cyber Security Engineer with technical product security competencies ideally from within the automotive sector. The successful candidate will be able to demonstrate: Product security technical competency (UNECE, R155, R156, ISO21434) Good knowledge of legislative landscape for cybersecurity and connected services in different regions (like China, South Korea, Japan, South Africa) in addition to Europe. Ability to analyse and interpret cyber security and software update regulations and how they impact the product requirements. Good understanding of security controls for automotive vehicles. System requirements engineering experience Software/Programming knowledge (C, C++) Delivery focused Project management and Planning Good communication at various levels in different forums Good presentation skills Ability to influence colleagues within your area of responsibility Good communication skills(German language would be advantageous) Engineering degree or equivalent is essential (or equivalent experience) Associate member of relevant professional institute is desirable. Candidates will ideally show evidence of the above in their CV in order to be considered. Please be advised if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunities employer.
17/05/2024
Project-based
Automotive Cyber Security Engineer (UNECE, R155, R156) Automotive Hybrid: 2 days per week in Crewe 6 months £550 per day PAYE Essential: This is not an IT Security role. This is automotive working on in-car applications and requires Embedded security knowledge and vehicle security controls. In short: Automotive Cyber Security Engineer required to join a prestigious automotive manufacturer in performing security-related activities. ABOUT THE ROLE We are seeking a Cyber Security Engineer to join the business on a temporary basis, at our Crewe campus working on a hybrid basis. The Cyber Security Engineer will report to Vehicle Cyber Security Manager. The role is responsible for the product cyber security engineering activities primarily focused around cyber security requirements, legislation analysis and interpretation and compliance to the client defined secure product development process. Responsibilities include: Assess, interpret and track new or amended cybersecurity security/software update management legislations to relevant functions and cascade interpretation to subject matter experts. Develop and or maintain security specifications for vehicle components and functions for all projects. Analyse and update cybersecurity requirements based on the applicable cyber security legislations for the project. Ensure traceability between regulations and requirements are maintained and available for audit purposes. Deliver cybersecurity work products aligned to the client's Secure Development Process (for eg TARA, security case, security plan, component security analysis). Update process templates or process flows based on lessons learnt and recommended improvements. SKILLS AND EXPERIENCE The successful applicant will be a delivery focused and experienced Cyber Security Engineer with technical product security competencies ideally from within the automotive sector. The successful candidate will be able to demonstrate: Product security technical competency (UNECE, R155, R156, ISO21434) Good knowledge of legislative landscape for cybersecurity and connected services in different regions (like China, South Korea, Japan, South Africa) in addition to Europe. Ability to analyse and interpret cyber security and software update regulations and how they impact the product requirements. Good understanding of security controls for automotive vehicles. System requirements engineering experience Software/Programming knowledge (C, C++) Delivery focused Project management and Planning Good communication at various levels in different forums Good presentation skills Ability to influence colleagues within your area of responsibility Good communication skills(German language would be advantageous) Engineering degree or equivalent is essential (or equivalent experience) Associate member of relevant professional institute is desirable. Candidates will ideally show evidence of the above in their CV in order to be considered. Please be advised if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunities employer.
NO SPONSORSHIP Principal, Product Manager - Financial Risk Management and Systems SALARY: $190k plus 15% bonus LOCATION: CHICAGO, IL Hybrid 3 days onsite Looking for a candidate with experience as a product manager/owner agile product manager experience financial services general security markets derivatives knowledge multiple asset classes like equities interest rates volatility commodities foreign currencies risk pillar specify control counter party clearing statements of derivatives financial risk management and regulated capital markets infrastructure Jira confluence tableau MS Applications 10 years of financial risk management Summary: The Product Owner at the will be responsible for maximizing the value of the Products delivered to our stakeholders by representing business interests, working with our technology teams to determine requirements, creating a product roadmap for development, and prioritizing the work. The Product Owner will work in a hybrid agile methodology collaborating with cross-functional teams. The Product Owner must ensure that the technology teams understand and are aligned with the Product vision and that leadership is kept aware of Product progress and status. Primary Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Stakeholder Engagement and Management o Act as the primary point of contact for stakeholders regarding the product backlog and product development o Interact with internal and external stakeholders such as regulators, exchanges and other external parties in explaining OCC's Products o Elicit, interpret, lead requirement workshop discussions with vendors, stakeholders and/or product owners; assist in the development of backlog items and acceptance criteria o Work with internal and external stakeholders to understand their needs and ensure that they are reflected in the product backlog o Maintain direct communications with senior and middle management o Coordinate preparation of materials for Management Committee, Board of Directors and Regulatory meetings as needed o Maintain Product Vision and Roadmap o Understand regulatory requirements and drivers impacting development goals and plans o Evaluate product changes and recommend needed process and system changes o Develop functional capabilities within the organization by driving innovation and continuous process improvements o Collaborate with cross-functional teams to define and prioritize the product backlog o Refine the product backlog to ensure that it is ready for development o Maintain product budget and forecast. Seek to optimize product delivery in the most cost effective manner. o Collaborate with technology partners and teams to drive strategic plans for the system development, integration and deployment o Work with the Project Owners/Managers, Technology Lead, and Scrum Master to ensure that the team is following the hybrid agile methodology and that any issues are addressed in a timely manner o Document and/or sign-off on acceptance criteria for user stories o Ensure that the product backlog is transparent, visible, and understood by all stakeholders o Ensure there is a clear traceability of requirements to deliverables o Ensure the product complies with all non-functional requirements o Comply with all product delivery controls and procedures Product Leadership Product Delivery Product Integrity Quality Management Team Leadership Qualifications: Previous experience as a Product Manager/Owner in a hybrid agile methodology is required Strong understanding of Agile product management methodologies and product development processes Excellent communication, collaboration, and presentation skills Strong interpersonal and influencing skills, including ability to interact effectively with peers, all levels of management, regulators and member firms Ability to work effectively with and lead cross-functional teams Strong analytical and problem-solving skills Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports Ability to prioritize and manage multiple tasks and projects simultaneously Ability to work independently in a fast-paced, dynamic environment Must be able to work under deadlines and manage multiple tasks Self-directed; Ability to work both independently with minimal direction or oversight in a team-oriented, collaborative environment Experience working in the financial services industry General securities markets, derivatives knowledge required Strong knowledge in multiple asset classes like equities, interest rates, volatility, commodities, and foreign currencies (Risk Pillar Specific) Experience with central counter-party clearing, settlement of derivatives, financial risk management and regulated capital markets infrastructure Willingness to roll up your sleeves and do whatever is necessary Technical Skills: Proficiency using Jira, Confluence, Tableau and Microsoft Office applications Education and/or Experience: Bachelor's degree MBA, MS or equivalent graduate degree in a relevant field preferred 10+ years of financial risk management experience leading teams and building robust business processes is required 2+ years of product management experience, preferably with Risk Management products and capabilities Demonstrated experience with ensuring effective process change management 10+ years of experience in financial services/regulated capital markets infrastructure. Experience with an exchange, regulator or clearing house preferred
16/05/2024
Full time
NO SPONSORSHIP Principal, Product Manager - Financial Risk Management and Systems SALARY: $190k plus 15% bonus LOCATION: CHICAGO, IL Hybrid 3 days onsite Looking for a candidate with experience as a product manager/owner agile product manager experience financial services general security markets derivatives knowledge multiple asset classes like equities interest rates volatility commodities foreign currencies risk pillar specify control counter party clearing statements of derivatives financial risk management and regulated capital markets infrastructure Jira confluence tableau MS Applications 10 years of financial risk management Summary: The Product Owner at the will be responsible for maximizing the value of the Products delivered to our stakeholders by representing business interests, working with our technology teams to determine requirements, creating a product roadmap for development, and prioritizing the work. The Product Owner will work in a hybrid agile methodology collaborating with cross-functional teams. The Product Owner must ensure that the technology teams understand and are aligned with the Product vision and that leadership is kept aware of Product progress and status. Primary Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Stakeholder Engagement and Management o Act as the primary point of contact for stakeholders regarding the product backlog and product development o Interact with internal and external stakeholders such as regulators, exchanges and other external parties in explaining OCC's Products o Elicit, interpret, lead requirement workshop discussions with vendors, stakeholders and/or product owners; assist in the development of backlog items and acceptance criteria o Work with internal and external stakeholders to understand their needs and ensure that they are reflected in the product backlog o Maintain direct communications with senior and middle management o Coordinate preparation of materials for Management Committee, Board of Directors and Regulatory meetings as needed o Maintain Product Vision and Roadmap o Understand regulatory requirements and drivers impacting development goals and plans o Evaluate product changes and recommend needed process and system changes o Develop functional capabilities within the organization by driving innovation and continuous process improvements o Collaborate with cross-functional teams to define and prioritize the product backlog o Refine the product backlog to ensure that it is ready for development o Maintain product budget and forecast. Seek to optimize product delivery in the most cost effective manner. o Collaborate with technology partners and teams to drive strategic plans for the system development, integration and deployment o Work with the Project Owners/Managers, Technology Lead, and Scrum Master to ensure that the team is following the hybrid agile methodology and that any issues are addressed in a timely manner o Document and/or sign-off on acceptance criteria for user stories o Ensure that the product backlog is transparent, visible, and understood by all stakeholders o Ensure there is a clear traceability of requirements to deliverables o Ensure the product complies with all non-functional requirements o Comply with all product delivery controls and procedures Product Leadership Product Delivery Product Integrity Quality Management Team Leadership Qualifications: Previous experience as a Product Manager/Owner in a hybrid agile methodology is required Strong understanding of Agile product management methodologies and product development processes Excellent communication, collaboration, and presentation skills Strong interpersonal and influencing skills, including ability to interact effectively with peers, all levels of management, regulators and member firms Ability to work effectively with and lead cross-functional teams Strong analytical and problem-solving skills Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports Ability to prioritize and manage multiple tasks and projects simultaneously Ability to work independently in a fast-paced, dynamic environment Must be able to work under deadlines and manage multiple tasks Self-directed; Ability to work both independently with minimal direction or oversight in a team-oriented, collaborative environment Experience working in the financial services industry General securities markets, derivatives knowledge required Strong knowledge in multiple asset classes like equities, interest rates, volatility, commodities, and foreign currencies (Risk Pillar Specific) Experience with central counter-party clearing, settlement of derivatives, financial risk management and regulated capital markets infrastructure Willingness to roll up your sleeves and do whatever is necessary Technical Skills: Proficiency using Jira, Confluence, Tableau and Microsoft Office applications Education and/or Experience: Bachelor's degree MBA, MS or equivalent graduate degree in a relevant field preferred 10+ years of financial risk management experience leading teams and building robust business processes is required 2+ years of product management experience, preferably with Risk Management products and capabilities Demonstrated experience with ensuring effective process change management 10+ years of experience in financial services/regulated capital markets infrastructure. Experience with an exchange, regulator or clearing house preferred
CNC MILLER SETTER OPERATOR REPORTING TO: PRODUCTION MANAGER Due to my client's continued expansion and strong product portfolio across both motorsport and future automotive, we are looking to recruit a CNC Miller Setter Operator to support Production. My client is relied upon by many of the world's top motorsport teams, performance car constructors, hybrid and electric transportation innovators to extract the performance and reliability they require to get their high-performance transmission challenges done. Whatever the nature of your next motorsport or vehicle engineering project might be, my client can help with off-the shelf and bespoke solutions along with design consulting and manufacturing expertise. At my client, we believe that good customer service is every bit as important as a strong product. DUTIES AND RESPONSIBILITIES INCLUDE: Cleanliness of work station and maintenance of machines while during and at the end of their shift in line with company TPM Schedule Reading and interpreting engineering drawings Setting and operating milling machines to required tolerance Use of manual measuring equipment Tool setting on CNC Machines Programme proving of new products as and when required. Actively provide details of changes to correct/improve programs that go towards improving machining performance Loading and unloading parts onto machines Maintain notes (machine log book) on current process identifying any issues for following shift Use of Fanuc controls Tapping and Deburring where required Help and assist other members of the milling cell when required Following daily work to do lists to follow the production schedule issued by Team Leader Take care not to cause harm to yourself, a colleague, visitors, customers or contractors Adhere to all quality, Health and Safety and environmental policies, manuals, objectives, process, procedures and work instructions Actively participate in the [COMPANY] Think Smart/Safe programme Wear appropriate personal protective equipment (PPE) - be accountable for notifying Health and Safety when in need of replacements Liaising with production engineering, design and inspection as and when required Any additional tasks required THE IDEAL CANDIDATE MUST HAVE/SKILLS REQUIRED: Attention to detail Initiative Can-do attitude Confidentiality Customer Service Focus Team player EXPERIENCE IN THE FOLLOWING AREAS WILL BE REQUIRED: 3-5 Years relevant production experience Experience of Milling Operations Willing to work shifts and unsociable hours High attention to detail Required to work overtime in line with company needs DESIRABLE: Experience of a high-quality Manufacturing environment Have previously run Matsuura 3-4-5 axis milling machines or similar Minor Fanuc programme editing Excellent communication skills Good time management
16/05/2024
Full time
CNC MILLER SETTER OPERATOR REPORTING TO: PRODUCTION MANAGER Due to my client's continued expansion and strong product portfolio across both motorsport and future automotive, we are looking to recruit a CNC Miller Setter Operator to support Production. My client is relied upon by many of the world's top motorsport teams, performance car constructors, hybrid and electric transportation innovators to extract the performance and reliability they require to get their high-performance transmission challenges done. Whatever the nature of your next motorsport or vehicle engineering project might be, my client can help with off-the shelf and bespoke solutions along with design consulting and manufacturing expertise. At my client, we believe that good customer service is every bit as important as a strong product. DUTIES AND RESPONSIBILITIES INCLUDE: Cleanliness of work station and maintenance of machines while during and at the end of their shift in line with company TPM Schedule Reading and interpreting engineering drawings Setting and operating milling machines to required tolerance Use of manual measuring equipment Tool setting on CNC Machines Programme proving of new products as and when required. Actively provide details of changes to correct/improve programs that go towards improving machining performance Loading and unloading parts onto machines Maintain notes (machine log book) on current process identifying any issues for following shift Use of Fanuc controls Tapping and Deburring where required Help and assist other members of the milling cell when required Following daily work to do lists to follow the production schedule issued by Team Leader Take care not to cause harm to yourself, a colleague, visitors, customers or contractors Adhere to all quality, Health and Safety and environmental policies, manuals, objectives, process, procedures and work instructions Actively participate in the [COMPANY] Think Smart/Safe programme Wear appropriate personal protective equipment (PPE) - be accountable for notifying Health and Safety when in need of replacements Liaising with production engineering, design and inspection as and when required Any additional tasks required THE IDEAL CANDIDATE MUST HAVE/SKILLS REQUIRED: Attention to detail Initiative Can-do attitude Confidentiality Customer Service Focus Team player EXPERIENCE IN THE FOLLOWING AREAS WILL BE REQUIRED: 3-5 Years relevant production experience Experience of Milling Operations Willing to work shifts and unsociable hours High attention to detail Required to work overtime in line with company needs DESIRABLE: Experience of a high-quality Manufacturing environment Have previously run Matsuura 3-4-5 axis milling machines or similar Minor Fanuc programme editing Excellent communication skills Good time management
Strategic: By supporting the project in the areas of team organization, documentation control and cost allocation in SAP/WBS, the project liaison team leader will see their role and responsibility increase with the development of the project through the design phases. Every new design phase will bring additional needs and workload, driven by the implementation and closure phases requiring a higher contribution of this function, thus a higher need of good coordination. This function provides an important assistance to the design engineers by allowing them to focus mainly in the engineering design and removing from them the workload of project organization tasks. The project liaison team leader has a key role in expansion projects to guarantee that all purchase orders of the project are correctly allocated to the correspondent WBS, hence guaranteeing a good knowledge and control of the project budget, as well as, the documentation generated by the project is correctly logged, distributed and archived Scope of the mission Integrating the project team, the project liaison team leader is responsible to lead the team which coordinates project documentation flows and archive, establishes systems to manage/track purchase orders and goods receipts, responsible management of miscellaneous non-PO purchases, establish and maintain systems for allocation of project costs in SAP/WBS, and all aspects related with the organization of the engineering team: welcoming new team members, developing individualized onboarding plans, support their needs, organize the project gate reviews and monthly review meetings Primary Tasks and responsibilities: . Onboarding of new employees: o Lead, with support from the Regional Program Director, in onboarding of new employees to the engineering organization o Work with new employees' direct supervisors to develop individual training plans tailored to the needs of their role, along with base knowledge/expectations of the engineering organization o Plan and prepare the logistic needs for new team members, including system/security access, supplies/equipment, travel arrangements, and other business support. * Cost control: o Establish and maintain systems to issue and track purchase orders in SAP, guaranteeing correct WBS allocation o Coach and Support Project Liaison to issue and track Shopping Carts (SCs), Purchase Orders (POs) and goods receipts (GRs) in SAP in a timely manner o Coach and Support Project Controls to Actively manage SAP/WBS cost allocation and highlight variations o Provide actuals per WBS to support forecasting by Project Managers o Stewardship of Engineering procurement card (ProCard) for all non-travel related miscellaneous purchases, ensuring appropriate use of Procard vs Purchase Order, leadership approval according to Local Approval Matrix (LAM) o Consolidate quarterly and monthly project cost forecast reported by PM o Update forecasts in Planisware o Oversee updating of SAP/ARIBA files o Monthly Headcount allocation to appropriate WBS accounts for all active projects & waves within the region/site o Report actual costs of the yearly Engineering department budgets * Leadership of the Liaison Team o Manage of daily miscellaneous requirements and admin tasks o Manage and delegate administrative tasks and project priorities o Manage and delegate department administrative work such as organizing the monthly department meetings, annual outing, travel, visitors, teambuilding activities, etc o Maintain and manage a healthy and motivating work environment o Improve and formalize monthly departmental reports/meeting * Leadership of the Document Control Team: o Organize, distribute and archive all project documents, guaranteeing proper archiving rules to support claims to contractors and EPCm partners o Manage the project folder access Matrix, maintain project transmittals, archiving engineering deliverables and permitting docs on project Servers * Department Communication: o Responsible for all aspect of internal and external communication within local Engineering department o Manage visual branding display in department o Work closely with HR/GSS/EHS team * Facilities management: o Responsible for facilities operations within the department o Liaise with facilities contractors, responsible to maintain engineering facilities o Managing repairs, maintenance and replacement in the engineering facilities o Working together with EHS regarding fire safety procedures in the engineering facilities * General duties: o Carry out assigned tasks and duties in a safe manner, in accordance with instructions, and to comply with environmental, health & safety rules/procedures, regulations and codes of practice. o Perform engineering and technical support to the projects when needed, undertaking any additional tasks commensurate with the role as and when required. o rules and procedures set down: Technical Profile requirements: . University degree or College diploma specializing in business administration or a technical field . Experience and/or background in industrial companies, preferably linked to engineering or . operations . Competent and fluent (written and verbal) in Spanish and English . Computer literacy with good working knowledge of the MS Office package . Experience with SAP and Ariba software . Knowledge of EHS standards and industry good practices . Must have the Knowledge, Experience and Skills to conduct their tasks in accordance with the Non-Technical Profile Requirements : . Organized . Team worker . Result oriented and timely delivery . Positive mindset . Capable to work in Matrix organizations . Problem and conflict solver . Flexible and resilient to work in ambiguous situations with limited supervision . Coaching skills . Good communication Location: . North of Spain, exact location remains confidential till at least early July . Until EOY 2024 remote work, afterwards consultants are expected to work onsite Business Travel: . Travel will be required and outside Spain reimbursed via expenses Contract: . Long term contract . Confirmation of the mission will take place before 1/7 . Official confirmation and contract creation scheduled for early July Start: . Objective +- 1st of August . Consultants can perform notice if 4-6 weeks, longer is to discuss with the manager . Consultants cannot take long holidays in July/August after start due to the high workload Languages: . Fluent In Spanish & English Rate: . Market-level Rates for Spain . All-in Rate for Remote and local presence at SPAIN . No expenses accepted Reason for Hire Specific Skills Required for Project Safety Equipment Not applicable (keep in mind that for Olen and Hoboken sites a neon vest is mandatory) Additional Safety Equipment to be provided by Supplier n.a. Travel Required? Yes Travel percentage- 10%
16/05/2024
Full time
Strategic: By supporting the project in the areas of team organization, documentation control and cost allocation in SAP/WBS, the project liaison team leader will see their role and responsibility increase with the development of the project through the design phases. Every new design phase will bring additional needs and workload, driven by the implementation and closure phases requiring a higher contribution of this function, thus a higher need of good coordination. This function provides an important assistance to the design engineers by allowing them to focus mainly in the engineering design and removing from them the workload of project organization tasks. The project liaison team leader has a key role in expansion projects to guarantee that all purchase orders of the project are correctly allocated to the correspondent WBS, hence guaranteeing a good knowledge and control of the project budget, as well as, the documentation generated by the project is correctly logged, distributed and archived Scope of the mission Integrating the project team, the project liaison team leader is responsible to lead the team which coordinates project documentation flows and archive, establishes systems to manage/track purchase orders and goods receipts, responsible management of miscellaneous non-PO purchases, establish and maintain systems for allocation of project costs in SAP/WBS, and all aspects related with the organization of the engineering team: welcoming new team members, developing individualized onboarding plans, support their needs, organize the project gate reviews and monthly review meetings Primary Tasks and responsibilities: . Onboarding of new employees: o Lead, with support from the Regional Program Director, in onboarding of new employees to the engineering organization o Work with new employees' direct supervisors to develop individual training plans tailored to the needs of their role, along with base knowledge/expectations of the engineering organization o Plan and prepare the logistic needs for new team members, including system/security access, supplies/equipment, travel arrangements, and other business support. * Cost control: o Establish and maintain systems to issue and track purchase orders in SAP, guaranteeing correct WBS allocation o Coach and Support Project Liaison to issue and track Shopping Carts (SCs), Purchase Orders (POs) and goods receipts (GRs) in SAP in a timely manner o Coach and Support Project Controls to Actively manage SAP/WBS cost allocation and highlight variations o Provide actuals per WBS to support forecasting by Project Managers o Stewardship of Engineering procurement card (ProCard) for all non-travel related miscellaneous purchases, ensuring appropriate use of Procard vs Purchase Order, leadership approval according to Local Approval Matrix (LAM) o Consolidate quarterly and monthly project cost forecast reported by PM o Update forecasts in Planisware o Oversee updating of SAP/ARIBA files o Monthly Headcount allocation to appropriate WBS accounts for all active projects & waves within the region/site o Report actual costs of the yearly Engineering department budgets * Leadership of the Liaison Team o Manage of daily miscellaneous requirements and admin tasks o Manage and delegate administrative tasks and project priorities o Manage and delegate department administrative work such as organizing the monthly department meetings, annual outing, travel, visitors, teambuilding activities, etc o Maintain and manage a healthy and motivating work environment o Improve and formalize monthly departmental reports/meeting * Leadership of the Document Control Team: o Organize, distribute and archive all project documents, guaranteeing proper archiving rules to support claims to contractors and EPCm partners o Manage the project folder access Matrix, maintain project transmittals, archiving engineering deliverables and permitting docs on project Servers * Department Communication: o Responsible for all aspect of internal and external communication within local Engineering department o Manage visual branding display in department o Work closely with HR/GSS/EHS team * Facilities management: o Responsible for facilities operations within the department o Liaise with facilities contractors, responsible to maintain engineering facilities o Managing repairs, maintenance and replacement in the engineering facilities o Working together with EHS regarding fire safety procedures in the engineering facilities * General duties: o Carry out assigned tasks and duties in a safe manner, in accordance with instructions, and to comply with environmental, health & safety rules/procedures, regulations and codes of practice. o Perform engineering and technical support to the projects when needed, undertaking any additional tasks commensurate with the role as and when required. o rules and procedures set down: Technical Profile requirements: . University degree or College diploma specializing in business administration or a technical field . Experience and/or background in industrial companies, preferably linked to engineering or . operations . Competent and fluent (written and verbal) in Spanish and English . Computer literacy with good working knowledge of the MS Office package . Experience with SAP and Ariba software . Knowledge of EHS standards and industry good practices . Must have the Knowledge, Experience and Skills to conduct their tasks in accordance with the Non-Technical Profile Requirements : . Organized . Team worker . Result oriented and timely delivery . Positive mindset . Capable to work in Matrix organizations . Problem and conflict solver . Flexible and resilient to work in ambiguous situations with limited supervision . Coaching skills . Good communication Location: . North of Spain, exact location remains confidential till at least early July . Until EOY 2024 remote work, afterwards consultants are expected to work onsite Business Travel: . Travel will be required and outside Spain reimbursed via expenses Contract: . Long term contract . Confirmation of the mission will take place before 1/7 . Official confirmation and contract creation scheduled for early July Start: . Objective +- 1st of August . Consultants can perform notice if 4-6 weeks, longer is to discuss with the manager . Consultants cannot take long holidays in July/August after start due to the high workload Languages: . Fluent In Spanish & English Rate: . Market-level Rates for Spain . All-in Rate for Remote and local presence at SPAIN . No expenses accepted Reason for Hire Specific Skills Required for Project Safety Equipment Not applicable (keep in mind that for Olen and Hoboken sites a neon vest is mandatory) Additional Safety Equipment to be provided by Supplier n.a. Travel Required? Yes Travel percentage- 10%
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
16/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
16/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking a Financial Risk Management Systems Product Manager. Candidate will be responsible for maximizing the value of the Products delivered to our stakeholders by representing business interests, working with our technology teams to determine requirements, creating a product roadmap for development, and prioritizing the work. The Product Owner will work in a hybrid agile methodology collaborating with cross-functional teams. The Product Owner must ensure that the technology teams understand and are aligned with the Product vision and that leadership is kept aware of Product progress and status. Responsibilities: Act as the primary point of contact for stakeholders regarding the product backlog and product development Interact with internal and external stakeholders such as regulators, exchanges and other external parties in explaining Products Elicit, interpret, lead requirement workshop discussions with vendors, stakeholders and/or product owners; assist in the development of backlog items and acceptance criteria Work with internal and external stakeholders to understand their needs and ensure that they are reflected in the product backlog Maintain direct communications with senior and middle management Coordinate preparation of materials for Management Committee, Board of Directors and Regulatory meetings as needed Maintain Product Vision and Roadmap Understand regulatory requirements and drivers impacting development goals and plans Evaluate product changes and recommend needed process and system changes Develop functional capabilities within the organization by driving innovation and continuous process improvements Collaborate with cross-functional teams to define and prioritize the product backlog Refine the product backlog to ensure that it is ready for development Maintain product budget and forecast. Seek to optimize product delivery in the most cost effective manner. Collaborate with technology partners and teams to drive strategic plans for system development, integration and deployment Work with the Project Owners/Managers, Technology Lead, and Scrum Master to ensure that the team is following the hybrid agile methodology and that any issues are addressed in a timely manner Document and/or sign-off on acceptance criteria for user stories Ensure that the product backlog is transparent, visible, and understood by all stakeholders Ensure there is a clear traceability of requirements to deliverables Ensure the product complies with all non-functional requirements Comply with all product delivery controls and procedures Continuously monitor and evaluate the product backlog to ensure that it is meeting stakeholder needs and delivering value Identify scope gaps and missing requirements by acquiring an in-depth understanding of current state capabilities (ie, Legacy system) and future state needs Proactively identify and escalates risks and issues to the leadership team. Monitor vendor performance (where applicable) against statements of work Meet complex business needs in an efficient, flexible, and ever-improving manner Indirectly supervise project team members from across FRM and internal technology teams. May involve direct supervision of individuals or teams within one year. Qualifications: Previous experience as a Product Manager/Owner in a hybrid agile methodology is required Strong understanding of Agile product management methodologies and product development processes Excellent communication, collaboration, and presentation skills Strong interpersonal and influencing skills, including ability to interact effectively with peers, all levels of management, regulators and member firms Ability to work effectively with and lead cross-functional teams Strong analytical and problem-solving skills Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports Ability to prioritize and manage multiple tasks and projects simultaneously Ability to work independently in a fast-paced, dynamic environment Must be able to work under deadlines and manage multiple tasks Self-directed; Ability to work both independently with minimal direction or oversight in a team-oriented, collaborative environment Experience working in the financial services industry General securities markets, derivatives knowledge required Strong knowledge in multiple asset classes like equities, interest rates, volatility, commodities, and foreign currencies (Risk Pillar Specific) Experience with central counter-party clearing, settlement of derivatives, financial risk management and regulated capital markets infrastructure Willingness to roll up your sleeves and do whatever is necessary Proficiency using Jira, Confluence, Tableau and Microsoft Office applications Bachelor's degree (or equivalent) in relevant fields including Accounting, Finance, Computer Science, Management Information Systems, Engineering among others MBA, MS or equivalent graduate degree in a relevant field preferred 10+ years of financial risk management experience leading teams and building robust business processes is required 2+ years of product management experience, preferably with Risk Management products and capabilities Demonstrated experience with ensuring effective process change management 10+ years of experience in financial services/regulated capital markets infrastructure. Experience with an exchange, regulator or clearing house preferred
14/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking a Financial Risk Management Systems Product Manager. Candidate will be responsible for maximizing the value of the Products delivered to our stakeholders by representing business interests, working with our technology teams to determine requirements, creating a product roadmap for development, and prioritizing the work. The Product Owner will work in a hybrid agile methodology collaborating with cross-functional teams. The Product Owner must ensure that the technology teams understand and are aligned with the Product vision and that leadership is kept aware of Product progress and status. Responsibilities: Act as the primary point of contact for stakeholders regarding the product backlog and product development Interact with internal and external stakeholders such as regulators, exchanges and other external parties in explaining Products Elicit, interpret, lead requirement workshop discussions with vendors, stakeholders and/or product owners; assist in the development of backlog items and acceptance criteria Work with internal and external stakeholders to understand their needs and ensure that they are reflected in the product backlog Maintain direct communications with senior and middle management Coordinate preparation of materials for Management Committee, Board of Directors and Regulatory meetings as needed Maintain Product Vision and Roadmap Understand regulatory requirements and drivers impacting development goals and plans Evaluate product changes and recommend needed process and system changes Develop functional capabilities within the organization by driving innovation and continuous process improvements Collaborate with cross-functional teams to define and prioritize the product backlog Refine the product backlog to ensure that it is ready for development Maintain product budget and forecast. Seek to optimize product delivery in the most cost effective manner. Collaborate with technology partners and teams to drive strategic plans for system development, integration and deployment Work with the Project Owners/Managers, Technology Lead, and Scrum Master to ensure that the team is following the hybrid agile methodology and that any issues are addressed in a timely manner Document and/or sign-off on acceptance criteria for user stories Ensure that the product backlog is transparent, visible, and understood by all stakeholders Ensure there is a clear traceability of requirements to deliverables Ensure the product complies with all non-functional requirements Comply with all product delivery controls and procedures Continuously monitor and evaluate the product backlog to ensure that it is meeting stakeholder needs and delivering value Identify scope gaps and missing requirements by acquiring an in-depth understanding of current state capabilities (ie, Legacy system) and future state needs Proactively identify and escalates risks and issues to the leadership team. Monitor vendor performance (where applicable) against statements of work Meet complex business needs in an efficient, flexible, and ever-improving manner Indirectly supervise project team members from across FRM and internal technology teams. May involve direct supervision of individuals or teams within one year. Qualifications: Previous experience as a Product Manager/Owner in a hybrid agile methodology is required Strong understanding of Agile product management methodologies and product development processes Excellent communication, collaboration, and presentation skills Strong interpersonal and influencing skills, including ability to interact effectively with peers, all levels of management, regulators and member firms Ability to work effectively with and lead cross-functional teams Strong analytical and problem-solving skills Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports Ability to prioritize and manage multiple tasks and projects simultaneously Ability to work independently in a fast-paced, dynamic environment Must be able to work under deadlines and manage multiple tasks Self-directed; Ability to work both independently with minimal direction or oversight in a team-oriented, collaborative environment Experience working in the financial services industry General securities markets, derivatives knowledge required Strong knowledge in multiple asset classes like equities, interest rates, volatility, commodities, and foreign currencies (Risk Pillar Specific) Experience with central counter-party clearing, settlement of derivatives, financial risk management and regulated capital markets infrastructure Willingness to roll up your sleeves and do whatever is necessary Proficiency using Jira, Confluence, Tableau and Microsoft Office applications Bachelor's degree (or equivalent) in relevant fields including Accounting, Finance, Computer Science, Management Information Systems, Engineering among others MBA, MS or equivalent graduate degree in a relevant field preferred 10+ years of financial risk management experience leading teams and building robust business processes is required 2+ years of product management experience, preferably with Risk Management products and capabilities Demonstrated experience with ensuring effective process change management 10+ years of experience in financial services/regulated capital markets infrastructure. Experience with an exchange, regulator or clearing house preferred
Request Technology - Craig Johnson
Chicago, Illinois
*Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Data Governance and Protection Analyst. Candidate will be responsible for supporting the development and implementation of the information governance, data protection, and privacy program. This includes supporting the development of strategies, policies, procedures, and controls related to the governance and protection of information throughout its life cycle. In addition, the role will work with stakeholders to define the information governance, data protection, and privacy requirements; will facilitate compliance with the identified requirements to control risk; will represent the program to internal and external stakeholders; and will support the development and implementation of training and awareness programs. This role will focus on compliance with applicable regulatory and legal rules and requirements (ie SEC-Regulation SCI, CFTC-System Safeguards, etc.) as they relate to information including support of regulatory exam and Internal Audit remediation planning, tracking, and mitigation. Responsibilities: Work with appropriate stakeholders and across the organization to create a culture that manages information as an enterprise asset Implementation of the information governance, data protection, and privacy program including the development of policies, procedures, and job aids Identification, implementation, and use of technologies to support program objectives and classification standards Execution of controls and risk assessments (eg, third-party risk, privacy, data protection) Responsible in performing the privacy impact assessment on data incidents and working with relevant stakeholders like Security Services and Legal to help closing the incident. Creation and execution of strategies to identify information across the organization and throughout its life cycle Preparation of program for regulatory and internal audits/examinations and timely remediation of any findings Use of technology/tools to track projects, manage deliverables and create reporting that support the program and its objectives Support of compliance assessments for information governance, data protection, and privacy including development of controls to measure risk Development and maintenance of the organization's Records and Information Management (RIM) program, ensuring information across all media and formats is properly retained and disposed including remediation of Legacy information Ensure retention, disposition, protection, and classification are addressed in new applications, platforms, and systems Collaborate with internal and external stakeholders to implement information governance, data protection, and privacy policies and requirements Support and develop training and awareness programs for information governance, data protection, and privacy. Identify trends in privacy and regulatory requirements, compliance enforcement, and action the necessary changes in the program. Qualifications: Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings Experience with Privacy requirements and work with personal information and its protection Strong strategic thinking, problem solving, and analytic skills Utilize metrics as means to improve performance Ability to adapt to change in emerging environments and work across multiple areas Experience in developing policies and procedures Experience in project management, project execution, and managing multiple priorities in a timeline driven environment Experience working in a highly regulated environment including an understanding of audit and compliance requirements Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience Experience in the financial services industry Certifications Preferred: Certifications in Information, Data, Privacy Records or Security such as: Certified Information Privacy Professional (CIPP), Certified Information Privacy Management (CIPM), Certified Records Manager (CRM), and/or Certified Information Privacy Technologist (CIPT), Certified Information Systems Security Professional (CISSP), Information Governance Professional (IGP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA)
14/05/2024
Full time
*Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Data Governance and Protection Analyst. Candidate will be responsible for supporting the development and implementation of the information governance, data protection, and privacy program. This includes supporting the development of strategies, policies, procedures, and controls related to the governance and protection of information throughout its life cycle. In addition, the role will work with stakeholders to define the information governance, data protection, and privacy requirements; will facilitate compliance with the identified requirements to control risk; will represent the program to internal and external stakeholders; and will support the development and implementation of training and awareness programs. This role will focus on compliance with applicable regulatory and legal rules and requirements (ie SEC-Regulation SCI, CFTC-System Safeguards, etc.) as they relate to information including support of regulatory exam and Internal Audit remediation planning, tracking, and mitigation. Responsibilities: Work with appropriate stakeholders and across the organization to create a culture that manages information as an enterprise asset Implementation of the information governance, data protection, and privacy program including the development of policies, procedures, and job aids Identification, implementation, and use of technologies to support program objectives and classification standards Execution of controls and risk assessments (eg, third-party risk, privacy, data protection) Responsible in performing the privacy impact assessment on data incidents and working with relevant stakeholders like Security Services and Legal to help closing the incident. Creation and execution of strategies to identify information across the organization and throughout its life cycle Preparation of program for regulatory and internal audits/examinations and timely remediation of any findings Use of technology/tools to track projects, manage deliverables and create reporting that support the program and its objectives Support of compliance assessments for information governance, data protection, and privacy including development of controls to measure risk Development and maintenance of the organization's Records and Information Management (RIM) program, ensuring information across all media and formats is properly retained and disposed including remediation of Legacy information Ensure retention, disposition, protection, and classification are addressed in new applications, platforms, and systems Collaborate with internal and external stakeholders to implement information governance, data protection, and privacy policies and requirements Support and develop training and awareness programs for information governance, data protection, and privacy. Identify trends in privacy and regulatory requirements, compliance enforcement, and action the necessary changes in the program. Qualifications: Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships Strong experience in building the capabilities for auto data classification, data security and data protection. Experience with classification standard definitions and settings Experience with Privacy requirements and work with personal information and its protection Strong strategic thinking, problem solving, and analytic skills Utilize metrics as means to improve performance Ability to adapt to change in emerging environments and work across multiple areas Experience in developing policies and procedures Experience in project management, project execution, and managing multiple priorities in a timeline driven environment Experience working in a highly regulated environment including an understanding of audit and compliance requirements Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience Experience in the financial services industry Certifications Preferred: Certifications in Information, Data, Privacy Records or Security such as: Certified Information Privacy Professional (CIPP), Certified Information Privacy Management (CIPM), Certified Records Manager (CRM), and/or Certified Information Privacy Technologist (CIPT), Certified Information Systems Security Professional (CISSP), Information Governance Professional (IGP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA)