Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role*
*Position is bonus eligible*

Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for ensuring that the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development.

Responsibilities:
• Aid in the development of the risk assessment and comprehensive audit plan on an annual basis.
• Lead multiple audits and validations simultaneously.
• Defining and leading the execution of audit projects in accordance with the annual audit plan.
• Owning the audit quality, accuracy of results, and delivery in a timely manner.
• Leading audits related to organization changes including business requirements definitions, technology implementations (e.g., changes to the supported business processes), engagement and alignment of change initiatives to business objectives.
• Ability to clearly articulate professional principles and standards (e.g., AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls.
• Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices.
• Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary.
• Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education.
• Supporting other department-wide activities such as, but not limited to, peer reviews of audit deliverables, policy and procedure development and refinement, etc.
• Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives.
• Planning, leading and reporting for risk-based and special request audit assignments.
• Proactively identifying regulatory, operational, and/or strategic risks to the organization and delivering recommendations for improvements to senior leadership.
• Developing and maintaining effective relationships with business groups and leadership and partnering with management.
• Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation.
• Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience.

Qualifications:
• Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions.
• Strong problem solving and analytical capabilities.
• Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports.
• Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion.
• Experience working in a complex, fast-paced environment.
• Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA).
• [Preferred] Consulting and/or accounting firm experience.
• [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI).

Technical Skills:
• [Required] Microsoft Office applications
• [Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software
• [Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint
• [Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub
• [Preferred] Familiarity with databases such as: Oracle, DB2, SQL
• [Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday

Education and/or Experience:
• [Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field.
• [Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits.

Certificates or Licenses:
• [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
17/05/2024
Full time
Job Title: Head of Production (Water Industry)
Location: Green Lane, Walsall or Fulbourn Road, Cambridge (Hybrid - 3dpw in office location)
Team: 3 direct reports, total team size 64 employees.
Package: To 75k DOE + Company Car/Allowance + Bonus to 10%
Travel: Frequent travel to Production sites including Cambridge and Hampton Loade

Step into a pivotal role as our Head of Production and lead our passionate production teams to deliver pristine drinking water to communities across South Staffs and Cambridge. Drive transformative strategies that address industry challenges while championing our unwavering commitment to exceptional quality, safety, and environmental stewardship. This influential senior leadership position empowers you to oversee the day-to-day operations of water production and storage, ensuring a reliable and continuous water supply for all. Join us in making a meaningful impact, providing clean, safe water to enhance lives and sustain our communities.

About us:
At South Staffs Water, we deliver clean and reliable water supplies to around 1.7 million customers within the South Staffs and Cambridge regions. As a water only Company, providing clean, healthy water 24 hours a day, 365 days a year is at the very heart of what we do and that's where you come in.

About the role:
• Champion Human Organisation Performance (HOP) principles to drive health and safety performance improvements to mitigate critical risk / hazards.
• Deliver water quality compliance risk index (CRI) outcome delivery incentive (ODI).
• Deliver annual unplanned interruption outcome delivery incentive (ODI).
• Deliver maintenance, compliance, and team activities within annual operating expenditure budgets.
• Continuous employee engagement, staff retention and team development.

The key deliverables:
• Effective leadership of Production teams across both operating regions
• Management and implementation of industry leading Health & Safety standards associated with all operational staff and sites.
• Providing direction, strategies and tracking operational performance to ensure compliance with Defra, EA, HSE, DWI standards.
• Liaising with external bodies, auditors, review bodies and regulators
• Evaluation of key business processes to ensure internal controls and risk measures are effective.
• Ensuring sufficient competent staff are in place and that training is evaluated and maintained at the required standard.
• Effectively managing budgets for operational and capital spend
• Developing strategies and tactical plans for the risk-based optimisation of maintenance and reactive interventions
• Developing strategies for the management of interventions to balance the operational risks of failure.
• Overall accountability for Competent Operator Scheme compliance and assurance.
• Responsible for water quality compliance risk index (CRI) outcome delivery incentive (ODI).
• Being part of emergency/incident standby rota.

What you'll need:
• Experience of Production leadership roles in a Water/Energy or similar environment
• The ability to think strategically, make decisions, and set priorities.
• Ability to lead, develop and motivate distributed teams in an agile environment.
• Demonstrate well-honed emotional intelligence and communication skills, able to influence and build effective relationships across a range of internal and external stakeholders and act as an ambassador for the business.
• Experience of managing operating and capital budgets is essential.
• Demonstrate the ability to engage with internal and external stakeholders at a senior level.
• Educated to degree level or equivalent experience
• NEBOSH Diploma or NVQ Level 5 Diploma in H&S desired.
• Hold or working towards Chartership of an Institution desired
• Must hold a full UK Driving Licence.

What you'll get in return:
• Basic salary to £75k DOE
• Bonus up to 10%
• Car/Car Allowance
• Matched pension contributions
• Employee assistance and wellbeing programme
• Private Health
• Retail discounts
• On-site gym
• On-site nursery
17/05/2024
Full time
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role*
*Position is bonus eligible*

Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. The candidate will work on the Governance, Risk and Compliance team, lead and execute the programs within the GRC team, act as a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and perform key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management.

Responsibilities:
• Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed.
• Technical writing for policies, standards and communications.
• Lead in the creation and maintenance of security policies, standards, processes, guidelines and support documentation.
• Lead, evaluate, and support the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensure appropriate treatment of risk, compliance, and assurance from internal and external perspectives.
• Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff.
• Manage and support the 3rd Party Security Vendor Risk Management program and life cycle.
• Manage the exception request process and consult as needed.
• Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs.
• Management and support of the GRC technology platforms.
• Conduct evaluations of an IT program or its individual components to determine compliance with published standards.

Qualifications:
• Bachelor's degree or five (5) years of work experience in IT Security is required.
• Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
• Strong knowledge of security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required.
• Prior IT Security experience in the legal industry is preferred.
• Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred.
• Four (4) years of Information Security experience required. Those containing hands-on technical experience are preferred.
• Three or more years of experience managing timelines and being self-directed preferred.
• Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred.
• Client focus, including tact and diplomacy, is required.
• Interview, gather, and understand content from subject-matter experts.
• Maintain accurate records and manage client security and risk requests.
• Ability to perform as primary Security Subject Matter Expert (SME).
• Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation.
• Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls.
• Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents.
• Demonstrate the ability to communicate technical topics effectively at an appropriate level of detail to varied audiences, including IT Subject Matter Experts, senior management and non-technical users.
• Communicates succinctly and effectively.
• Strong organization and problem-solving skills required.
• Strong project and time management skills required.
• Strong reading comprehension skills required.
• Strong analytical ability with excellent written and verbal communication skills required.
• Strong PC skills with Microsoft (i.e., Word, Excel, PowerPoint) required.
• Ability to work independently and as a group member is required.
• SharePoint administration is preferred for team Intranet site management.
• Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options.
• Strong knowledge of risk management principles and practices.
• Strong knowledge of security administration and role-based security controls.
• Strong knowledge and use of GRC platforms.
• Knowledge of host and network-based anti-malware technologies.
• Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote.
• Knowledge of client and server firewalling technologies and capabilities.
• Knowledge of security event management (SIEM), event correlation and analysis technologies.
• Knowledge of data encryption technologies.
• Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities.
• Knowledge of web filtering and email SPAM prevention techniques.
• Knowledge of vulnerability assessment and forensic investigations tools.
• Knowledge of mobile device security and Mobile Device Management solutions.
• Knowledge of Privileged Access Management technologies.

Preferred Skills:
• Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
16/05/2024
Full time
Request Technology - Robyn Honquest
New York, New York
NO SPONSORSHIP. Internal Audit Senior - 2 to 4 years experience. Looking for a candidate from a Big Four firm or a large Real Time institution like a bank; Financial would be strongly preferred. Only 2-4 years of experience. Salary: $110k to $118k plus 10% bonus. Location: McLean, VA; Plano, TX; Chicago, IL; New York, NY; or Irvine, CA. Hybrid: 3 days in office; Monday & Friday are Remote. You will conduct audits, credit and operational processes. Business/operational risk management control and governance practices. Risk-based auditing, accounting, risk management, consulting, or financial data analysis. BS degree, CPA or CIA desirable but not required. Financial services or public accounting industry experience preferred. Qualifications: 2-4 years working experience in risk-based auditing, accounting, risk management, management consulting, or financial data analysis. Bachelor's degree in business, accounting, finance, management information systems, economics, or related field. Certified Public Accountant or candidate (CPA), Certified Internal Auditor or candidate (CIA) desirable, but not required. Financial services or public accounting industry experience preferred. Ability to work well in a collaborative environment as well as individually. Critical thinker with ability to understand sophisticated processes and willingness to ask tough questions. Creative and analytical approach in a problem-solving environment. Previous financial services or public accounting experience. Possess deep curiosity to learn about the business, current trends, and business impacts. Optimally work with and collaborate across the teams, building relationships with partners and inspiring trust.
13/05/2024
Full time