Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role*
*Position is bonus eligible*

Prestigious Financial Institution is currently seeking a Manager of Internal Audit and Information Security. Candidate will manage independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for ensuring that the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development.

Responsibilities:
Aid in the development of the risk assessment and comprehensive audit plan on an annual basis.
Lead multiple audits and validations simultaneously.
Defining and leading the execution of audit projects in accordance with the annual audit plan.
Owning the audit quality, accuracy of results, and delivery in a timely manner.
Leading audits related to organization changes including business requirements definitions, technology implementations (e.g., changes to the supported business processes), engagement and alignment of change initiatives to business objectives.
Ability to clearly articulate professional principles and standards (e.g., AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls.
Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices.
Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary.
Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education.
Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc.
Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives.
Planning, leading and reporting for risk-based and special request audit assignments.
Proactively identifying regulatory, operational, and/or strategic risks to the organization and delivering recommendations for improvements to senior leadership.
Developing and maintaining effective relationships with business groups and leadership and partnering with management.
Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation.
Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience.

Qualifications:
Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions.
Strong problem solving and analytical capabilities.
Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports.
Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion.
Experience working in a complex, fast-paced environment.
Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA).
[Preferred] Consulting and/or accounting firm experience.
[Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI).

Technical Skills:
[Required] Microsoft Office applications
[Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software
[Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint
[Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub
[Preferred] Familiarity with databases such as: Oracle, DB2, SQL
[Preferred] Familiarity with cloud-based solutions: AWS, Azure, Oracle Cloud, Workday

Education and/or Experience:
[Required] Bachelor's degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field.
[Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits.

Certificates or Licenses:
[One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
17/05/2024
Full time
Manager, Internal Audit - IT/Security
Salary: open + bonus
Location: Chicago, IL or Dallas, TX
Hybrid: 3 days onsite, 2 days remote
*We are unable to provide sponsorship for this role*

Qualifications
Bachelor's degree
5+ years of experience in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits.
Microsoft Office applications
Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software.
Security tools such as: CyberArk, Splunk, SailPoint
Change management tools such as: ServiceNow, Jira, Confluence, GitHub

Preferred
Databases such as: Oracle, DB2, SQL
Cloud-based solutions: AWS, Azure, Oracle Cloud, Workday
Relevant Certifications

Responsibilities
Aid in the development of the risk assessment and comprehensive audit plan on an annual basis.
Lead multiple audits and validations simultaneously.
Defining and leading the execution of audit projects in accordance with the annual audit plan.
Owning the audit quality, accuracy of results, and delivery in a timely manner.
Ability to clearly articulate professional principles and standards (e.g., AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls.
Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation.
Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality, and auditee experience.
17/05/2024
Full time
Job Title - Service Management Lead - Finance Shared Services
Location - Newcastle Upon Tyne - Hybrid (3 dpw on-site)
Salary - £40 - £45K Per Annum
Benefits - Excellent Benefits

The Client - Curo are partnering with a Global Organisation, consisting of Designers, Engineers and Consultants, dedicated to sustainable development. They support their clients to solve the most complex challenges, turning their ideas into reality, leveraging the latest technology.

The Candidate - This role requires a candidate with excellent commercial acumen, who can ensure consistency with professional and clearly formatted documents. This role will be focused on the process of onboarding new client accounts, including monthly reporting packs, service review documents, and documenting financial processes. There will be no team or stakeholder management; this is a project-based role in support of the Delivery Managers. There will be involvement in client review meetings; however, this will be from the perspective of governance and risk, and ensuring that actions and follow-ups are recorded. This role requires a natural rapport builder with the ability to manage up and down, as well as being able to take stock and document current processes, and support in change management. The key deliverable is a Service Catalogue, with new uniform processes and procedures, to maximise efficiency, and streamline where possible.

The Role - The Service Management Lead, in Finance Shared Services, is responsible for leading the global implementation and operation of processes and activities to facilitate the effective governance of services provided by the Finance SSC teams. This includes the documentation and definition of the services provided to each country supported, the establishment and agreement of targets to be delivered from the services, the establishment and coordination of a consistent service review process with agreed stakeholders and SSC members, the tracking of actions and status, and effective change control to manage changes in scope of services. The Service Management Lead enables and facilitates the governance processes as a support to the SSC leadership, but accountability for the services and outcomes sits with the operational teams in the SSC.

Key responsibilities:
Establish and maintain a service definition to ensure ongoing clarity in scope of service expected outcomes for all countries supported.
Develop RACI (Responsible, Accountable, Consulted, and Informed) documentation for the activities supported, clarifying respective responsibilities between the SSC and its partners.
Facilitate review between SSC managers and SSC stakeholders to align on definition of service.
Work with the SSC managers to propose appropriate Service Levels and KPIs (Key Performance Indicators) for the services delivered and support the agreement of these metrics with Stakeholders.
Establish and oversee a program of standardized service review meetings between SSC and internal customers to discuss service progress, process performance, issues, and challenges, ensuring the outcomes of the meetings are captured and actions followed up on both the customer and SSC sides.
Establish a change control process to allow for appropriate review of services provided and changes requested with a view to maximizing standardization, ensuring effective resourcing and realistic deliverables.
Ensure compliance with relevant laws, regulations, and global standard policies and procedures including tax and accounting regulations.
Define, implement, and maintain documentation online to maximize the transparency of all aspects of the services provided and processes supported.

Requirements:
Experience in a highly governed or regulated environment such as financial services or shared services or outsourcing.
Expertise in stakeholder management, preferably in a complex environment.
Excellent understanding of finance processes.
Background in process mapping and documentation, with expertise in production of service definition/contractual scoping documentation.
First-hand experience of operational environments where the governance of service has been necessary to ensure successful delivery.
Expert in the production of RACI documentation.
Excellent relationship builder, maximizing trust and reliability.
Superb communicator.
Advanced MS Office skills with the ability to present information in a credible and professional structure and format to support buy-in.
Curious and interested mindset who will constantly seek to understand and improve the understanding of others.
A partner and supportive approach to the work aimed at promoting and recognizing the efforts and achievements of SSC teams to support building their confidence and sense of fulfilment.

To apply for this Service Management Lead - Finance Shared Services permanent job, please click the button below and submit your latest CV. Curo Services endeavours to respond to all applications; however, this may not always be possible during periods of high volume. Thank you for your patience. Curo Services is a trading name of Curo Resourcing Ltd and acts as an Employment Business for contract and temporary recruitment as well as an Employment Agency in relation to permanent vacancies.
16/05/2024
Full time
Job Title - Service Management Lead - Finance Shared Services Location - Newcastle Upon Tyne - Hybrid (3 dpw on-site) Salary - £40 - £45K Per Annum Benefits - Excellent Benefits The Client - Curo are Partnering with a Global Organisation, consisting of Designers, Engineers and Consultants, dedicated to sustainable development. They support their clients to solve the most complex challenges, turning their ideas into reality, leveraging the latest technology. The Candidate - This role requires a candidate with excellent commercial acumen, who can ensure consistency with professional and clearly formatted documents. This role will be focused on the process of onboarding new client accounts, including monthly reporting packs, service review documents, and documenting financial processes. There will be no team or stakeholder management; this is a project-based role in support of the Delivery Managers. There will be involvement in client review meetings, however this will be from the perspective of governance and risk, and ensuring that actions and follow-ups are recorded. This role requires a natural rapport builder with the ability to manage up and down, as well as being able to take stock and document current processes, and support in change management. The key deliverable is a Service Catalogue, with new uniform processes and procedures, to maximise efficiency, and streamline where possible. The Role - The Service Management Lead, in Finance Shared Services is responsible for leading the global implementation and operation of processes and activities to facilitate the effective governance of services provided by the Finance SSC teams.
The Armament supervisor is responsible to the Armament lead and should be an experienced and skilled technician undertaking a range of detailed maintenance activities on aircraft equipment and/or aircraft components. The post holder should have an excellent understanding of the construct of the approved Technical Information set and is competent to supervise personnel who are working on maintenance instructions and in accordance with the organisation's Regulatory Framework and should be able to demonstrate a distinct ability to analyse and diagnose faults to equipment & assemblies, follow diagnostic procedures and work effectively within a team providing guidance to less experienced team members in a diverse and dynamic operational environment. Responsible for maintaining airworthiness through appropriate task delegation and authorisation on an aircraft or aircraft component. Responsible for meeting agreed delivery targets at a tactical level. Demonstrates people management and leadership skills. Demonstrates awareness of broader external dependencies and identifies areas for continuous improvement. In addition the Post Holder shall hold certain privileges delegated from the Maintenance Manager. Requirements Core Activities: Undertake detailed maintenance, inspection and supervision activities of aircraft components. Assuring work carried out has been completed in accordance with the SOW/Work package using the relevant approved technical information. Resolving faults and maintenance issues, including an awareness of configuration management. Undertake and complete tasked maintenance & diagnostic activities on weapons systems/components which will include, as appropriate, component removals, inspections, repairs, modifications, fault rectifications, replacements and/or functional/system test. Will be responsible for the operational output of each Component MRO Workshop under their control in line with agreed customer requirements.
Post holder will also have responsibilities for the cost and schedule adherence of the component maintenance activities. Supervise team to ensure that maintenance is undertaken to schedule and highlight any issues, escalate as required. Report on any impact to the wider programme. Responsible for meeting agreed delivery targets in the short to medium term through the supervision of others. Progress reporting against delivery targets to management. Undertake support tasks within the component maintenance facility which are required to maintain compliance with the MOE and AMC procedures (eg oversight checks, control of tooling/test equipment etc.). Undertake fault evaluation and raise ad hoc work cards for 'found faults' during maintenance. Ability to scope and carry out independent and vital inspections. Maintain personal & teams task authorisation for working on components in accordance with AMC requirements. Required to provide support and guidance, including allocation of tasks to appropriately authorised maintenance technicians. Provide effective leadership and supervision to team members under your direct supervision. Key Activities: Performance indicators - Ensure the effective management of Part 145 activities by setting delivery targets, monitoring progress and developing performance improvement programmes. Prioritises activities within/across teams to maximise efficiency. Represents the Maintenance Manager at management reviews, where necessary. Responsible for the assessment of escalated issues for any impact on Continuing Airworthiness and generating effective resolution, or sponsoring escalation to management, as appropriate. Completion of activities - Ensure all Part 145 activities are appropriately documented and airworthiness records are maintained on relevant systems (IT/paper based). Ensure all Part 145 activities are performed by suitably qualified, experienced and authorised personnel.
Ensure the integration of Part 145 activity within the business, including the engagement of key stakeholders at all stages of the process. Provide support and guidance to the team(s). Procedure/standards - Manage the Part 145 team(s) compliance with the Part 145 Exposition, its associated procedures and standards, and any other Company procedures and standards, as applicable. Identify, propose and implement change as required, whilst ensuring compliance. Safety Management System - Promote the application of Human Factors, Error Management, Risk Management and Safety Assurance within the Part 145 team(s), together with the proactive analysis, mitigation and management of Hazards. Management System Assurance - Ensure Part 145 team(s) activities are compliant with the AM&S Governance and Assurance framework. Ensure Process Confirmations and independent assurance audits are supported by Part 145 personnel and integrated within/across teams. Manage the response to audit findings in a timely and appropriate manner and provide information into the relevant reviews. Generate and implement effective improvements within/across teams to overcome any non-compliance and monitor effectiveness. Statutory/Regulatory & Legislative requirements - Able to demonstrate a good understanding and application of the relevant Continuing Airworthiness Regulatory framework, and ensure any Regulatory-driven changes are implemented within the Part 145 team(s) activities. Ensure compliance with all other requirements, eg ITAR, EaPW, ISO, etc. Contractual Requirements - Ensure compliance with all applicable contractual requirements, eg through support to contract reviews, and ensure any changes are implemented into the Part 145 activities, as appropriate. Requirements: Completion of an Engineering Apprenticeship, ideally in Aeronautical Engineering or Military equivalent apprenticeship/qualifications. 
Academic qualification for this role is a minimum of City & Guilds 2675 or 2661 in Aeronautical Engineering and Maintenance or equivalent. Experienced and competent leader at this level. Typically 2+ years' experience including type, classed as fully competent with all required 'Authorities' in place. Demonstrating breadth of experience, currency & recency via a Log Book (electronic or paper) capturing skills, knowledge and authorities for working on Aircraft type or in bays. Practical experience and expertise in the application of aviation safety standards and safe operating practices. A comprehensive knowledge of the Acceptable Means of Compliance. Management training. Leadership- Foundation. Human Factors- Standard Course Specification. E&PW Awareness- Standard Course Specification. ITAR Awareness- Standard Course Specification. Benefits Competitive Basic Salary 25 Days Annual Leave Annual Bonus On site Parking Pension Scheme Life Assurance
16/05/2024
Full time
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk and Compliance team, lead and execute the programs within the GRC team, be a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and perform key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes, guidelines and support documentation. Lead, evaluate, and support the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensure appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and life cycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards.
Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge of Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required. Prior IT Security experience in the legal industry is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands-on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy, is required. Interview, gather, and understand content from subject-matter experts. Maintain accurate records and manage client security and risk requests. Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate technical topics effectively at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users.
Communicates succinctly and effectively. Strong organization and problem-solving skills required. Strong project and time management skills required. Strong reading comprehension skills required. Strong analytical ability with excellent written and verbal communication skills required. Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required. Ability to work independently and as a group member is required. SharePoint administration is preferred for team Intranet site management. Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
16/05/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. 
Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required Prior IT Security experience in the legal industry experience is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy is required. Interview, gather, and understand content from subject-matter experts Maintain accurate records and manage client security and risk requests Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm s security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. 
Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Global Firm is currently seeking a GRC Security Risk Specialist. Candidate will work on the Governance, Risk Compliance team, leads and executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical/non-technical management and the user community), and performs key risk management functions within the Security Governance department. Primary functions include life cycle management of client responses, Policy & Standards life cycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platform and program management. Responsibilities: Respond to security assessments, questionnaires and audits from clients and third-party business partners in a timely manner. Document and perform assessments as needed. Technical writing for policies, standards and communications. Lead in the creation and maintenance of security policies, standards, processes guidelines and support documentation. Lead, evaluate, and supports the processes necessary to assure that Information Technology (IT) systems meet the organization's cyber security and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Serve as a subject matter expert for Information Security consulting to technical/non-technical management and staff. Manage and support the 3rd Party Security Vendor Risk Management program and lifec-ycle. Manage the exception request process and consult as needed. Lead the Security Awareness program. This includes road-map development, measurement, and evaluation of cyber training/education courses and methods based on instructional needs. Management and support of the GRC technology platforms. Conduct evaluations of an IT program or its individual components to determine compliance with published standards. 
Qualifications: Bachelor's degree or five (5) years of work experience in IT Security is required. Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred. Strong knowledge of Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required. Prior IT Security experience in the legal industry is preferred. Technical writing experience is required. Experience with instructional content, educational writing, and technical writing strongly preferred. Four (4) years of Information Security experience required. Those containing hands-on technical experience are preferred. Three or more years of experience managing timelines and being self-directed preferred. Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. Client focus, including tact and diplomacy, is required. Interview, gather, and understand content from subject-matter experts. Maintain accurate records and manage client security and risk requests. Ability to perform as primary Security Subject Matter Expert (SME). Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation. Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the Firm's security program and controls. Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents. Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management and non-technical users. 
Communicates succinctly and effectively Strong organization and problem-solving skills required Strong project and time management skills required Strong reading comprehension skills required Strong analytical ability with excellent written and verbal communication skills required Strong PC skills with Microsoft (ie Word, Excel, PowerPoint) required Ability to work independently and as a group member is required SharePoint administration is preferred for team Intranet site management Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options. Strong knowledge of risk management principles and practices. Strong knowledge of security administration and role-based security controls. Strong knowledge and use of GRC platforms. Knowledge of host and network-based anti-malware technologies. Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote. Knowledge of client and server Firewalling technologies and capabilities. Knowledge of security event management (SIEM), event correlation and analysis technologies. Knowledge of data encryption technologies. Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities. Knowledge of web filtering and email SPAM prevention techniques. Knowledge of vulnerability assessment and forensic investigations tools. Knowledge of mobile device security and Mobile Device Management solutions. Knowledge of Privileged Access Management technologies. Preferred Skills: Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are preferred.
16/05/2024
Full time
Sustainability Manager - Permanent - ASAP start XXX are a leading global workplace technology integrator, providing AV and managed services across multiple client partnerships globally. As the Head of Environmental Social Governance at XXX, you will provide visionary leadership in shaping and implementing ESG and sustainability strategies. Your role will encompass comprehensive reporting, including ESG, Scope 1, 2, and 3, as well as managing compliance with the BSI 14001 Standard. After establishing the ESG objectives and targets, the in-house Sustainability Manager will need to continuously monitor the outcome and report as per the deliverables in the responsibilities below. Key Responsibilities ESG & Sustainability Strategy: develop, execute, and oversee a comprehensive ESG and sustainability strategy aligned with our corporate mission, values, and long-term objectives whilst ensuring alignment with global standards and investor expectations. Scope 1, 2 and 3 reporting: oversee the collection, analysis, and reporting of Scope 1, 2 & 3 data to demonstrate environmental impact and progress. BSI 14001 Standard Management: manage the continuous improvement of BSI 14001 Environmental Management System (EMS) to maintain certification. Stakeholder Engagement: foster relationships with internal and external stakeholders, including employees, clients, suppliers, and industry peers, to promote ESG and sustainability collaboration and support. Sustainability Initiatives: plan and execute sustainability programs, emphasising resource efficiency, responsible sourcing, and circular economy principles. Ethical Practices: ensure ethical practices throughout our operations, including fair labour, diversity, and anti-corruption measures. Community Engagement: develop partnerships with local communities, contributing to philanthropic activities, volunteerism, and community-based projects. 
ESG & Sustainability Reporting: prepare and publish annual ESG and sustainability reports, adhering to relevant regulations, global reporting frameworks, and investor disclosure requirements. Risk Management: identify and mitigate ESG and sustainability-related risks through proactive measures and strategy development. Innovation & Best Practices: stay informed of ESG and sustainability trends, emerging best practices, and industry benchmarks, and integrate these into our initiatives. Supplier Engagement: work closely with our suppliers to promote sustainable practices, ensure ethical sourcing, and responsible production methods. Ensure improvement is measured and tracked. Glidepath to Net-Zero: provide a transition programme identifying clear milestones and industry recognised certifications including EcoVadis, SBTI etc. Requirements Bachelor's degree in ESG, sustainability, business, or a related field (Master's degree preferred). Leadership experience in ESG & Sustainability, preferably within the workplace technology industry. Demonstrated experience in ESG reporting, Scope 1, 2 & 3 emissions, and BSI 14001 management. Exceptional communication, stakeholder management, and leadership skills. Strong analytical and problem-solving abilities. Ability to inspire and lead cross-function teams toward ESG & sustainability goals. Familiarity with ESG reporting and relevant certifications. A strong commitment to advancing social responsibility and sustainability as drivers of positive change. Genuine passion for ESG and eager to become part of our ambitious plans. Proven track record and experience creating and deploying ESG processes. Experience in sustainability management and strategy development. If you are looking for your next permanent position, contact me on the details below.
15/05/2024
Full time
One of our leading PLC clients is looking for a Data & Analytics Manager to support a major tech-driven transformation agenda within the business. Role: Data & Analytics Governance and Management Manager Salary: £60k - £80k depending on experience Location: 2-3 days a week in a Midlands office Hiring Manager describes the role as: "We are seeking a Data & Analytics Manager who will be the link between the business and 3rd party suppliers from a D&A perspective to ensure successful delivery of various tech-driven transformation programmes as part of our wider change agenda. You will be responsible for leading a team of D&A Analysts, within the IT Function, to understand core business problems and identify solutions/best practice for data and analytics. We are currently undergoing a significant company-wide target operating model change agenda, that will be predominantly tech-driven and this role will play a big part in supporting the success of this major change. Your role will be to work with the various business functions and 3rd party suppliers to ensure D&A delivery and operations are held to the required performance standard and result in successful transformation initiatives." 
Responsibilities: Oversee D&A services to meet the requirements of the businesses, ensuring best practice is adhered to Develop and deliver end-to-end data architecture principles, standards and enterprise data model Produce data-driven insights to support more informed decision making across the business Overseeing the analysis of large datasets to extract meaningful insights and trends, working with the business to translate business requirements into the development of analytics and data science solutions Identifying and mitigating risks associated with data management Ensure compliance with IT governance and regulations Key requirements: Experience working in IT and D&A leadership roles, developing pragmatic D&A strategies Supported the delivery of major transformational change through being the link between the business, technical teams and 3rd party suppliers within Data & Analytics Extensive experience within data management and data governance within a complex large organisation Have led and managed teams of D&A analysts, developing their skills to ensure best practice Strong Stakeholder management skills, able to engage with stakeholders at all levels of the business This is a permanent opportunity, with 2-3 days a week travel required to a Midlands location. If you feel you match the above requirements, then please apply with your updated CV. Please note, due to the number of applications we may not be able to respond to all unsuccessful applicants.
15/05/2024
Full time
NO SPONSORSHIP Manager, Internal Audit Information Technology & Security SALARY: $130k - $165k plus 15% bonus LOCATION: Dallas, TX 3 days in office 2 days remote Looking for a Manager of audit of information technology and security. You will manage a staff over Microsoft applications, Archer and GRC. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Qualifications Experience working in a complex, fast-paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Consulting and/or accounting firm experience. Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Familiarity with: CyberArk, Splunk, SailPoint Familiarity with: ServiceNow, Jira, Confluence, GitHub Bachelor's degree 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. 
Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
14/05/2024
Full time
NO SPONSORSHIP Manager, Internal Audit Information Technology & Security SALARY: $130k - $165k plus 15% bonus LOCATION: Chicago, IL 3 days in office 2 days remote Looking for a Manager of audit of information technology and security. You will manage a staff over Microsoft applications, Archer and GRC. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development. Qualifications Experience working in a complex, fast-paced environment. Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Consulting and/or accounting firm experience. Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). Technical Skills: Microsoft Office applications Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Familiarity with: CyberArk, Splunk, SailPoint Familiarity with: ServiceNow, Jira, Confluence, GitHub Bachelor's degree 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits. 
Certificates or Licenses: [One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
14/05/2024
Full time
Request Technology - Craig Johnson
Chicago, Illinois
*Position is bonus eligible* Prestigious Financial Company is currently seeking an Information Data Governance and Protection Analyst. Candidate will be responsible for supporting the development and implementation of the information governance, data protection, and privacy program. This includes supporting the development of strategies, policies, procedures, and controls related to the governance and protection of information throughout its life cycle. In addition, the role will work with stakeholders to define the information governance, data protection, and privacy requirements; will facilitate compliance with the identified requirements to control risk; will represent the program to internal and external stakeholders; and will support the development and implementation of training and awareness programs. This role will focus on compliance with applicable regulatory and legal rules and requirements (ie SEC-Regulation SCI, CFTC-System Safeguards, etc.) as they relate to information including support of regulatory exam and Internal Audit remediation planning, tracking, and mitigation. Responsibilities: Work with appropriate stakeholders and across the organization to create a culture that manages information as an enterprise asset Implementation of the information governance, data protection, and privacy program including the development of policies, procedures, and job aids Identification, implementation, and use of technologies to support program objectives and classification standards Execution of controls and risk assessments (eg, third-party risk, privacy, data protection) Responsible for performing the privacy impact assessment on data incidents and working with relevant stakeholders like Security Services and Legal to help close the incident. 
Creation and execution of strategies to identify information across the organization and throughout its life cycle Preparation of program for regulatory and internal audits/examinations and timely remediation of any findings Use of technology/tools to track projects, manage deliverables and create reporting that support the program and its objectives Support of compliance assessments for information governance, data protection, and privacy including development of controls to measure risk Development and maintenance of the organization's Records and Information Management (RIM) program, ensuring information across all media and formats is properly retained and disposed including remediation of Legacy information Ensure retention, disposition, protection, and classification are addressed in new applications, platforms, and systems Collaborate with internal and external stakeholders to implement information governance, data protection, and privacy policies and requirements Support and develop training and awareness programs for information governance, data protection, and privacy. Identify trends in privacy and regulatory requirements, compliance enforcement, and action the necessary changes in the program. Qualifications: Strong interest in understanding and solving data challenges with experience in information governance, data protection, and privacy policy Knowledge of and work experience with enterprise systems, networks, databases, and other technical domains Strong attention to detail, customer orientation, communication, and presentation skills including the ability to listen and quickly translate business needs into solutions and build effective working relationships Strong experience in building the capabilities for auto data classification, data security and data protection. 
Experience with classification standard definitions and settings Experience with Privacy requirements and work with personal information and its protection Strong strategic thinking, problem solving, and analytic skills Utilize metrics as means to improve performance Ability to adapt to change in emerging environments and work across multiple areas Experience in developing policies and procedures Experience in project management, project execution, and managing multiple priorities in a timeline driven environment Experience working in a highly regulated environment including an understanding of audit and compliance requirements Office 365 (Word, Excel, PowerPoint) Experience with systems supporting Compliance, Risk, Audit, Privacy, and Management such as ServiceNow, Archer, etc. Project/Program Management Business Intelligence tool experience Bachelor's degree or higher in information management, information systems, law, computer science or BA/BS in another discipline with equivalent experience Experience in the financial services industry Certifications Preferred: Certifications in Information, Data, Privacy Records or Security such as: Certified Information Privacy Professional (CIPP), Certified Information Privacy Management (CIPM), Certified Records Manager (CRM), and/or Certified Information Privacy Technologist (CIPT), Certified Information Systems Security Professional (CISSP), Information Governance Professional (IGP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA)
14/05/2024
Full time