Job Description :
Title: Senior Manager - Enterprise IT Risk
Location: Bellevue, WA
Duration: 6 months
Role summary:
The Senior Manager, EIT Risk is accountable for the development, implementation, and management of a comprehensive IT risk management program designed to improve the integrity, availability, and confidentiality of key data within client. The focus of this position is to help IT become more proactive in identifying, assessing, and mitigating risk in the information technology environments.
In this role, candidate will have overall responsibility for developing KPIs and monitoring of the program to ensure that risks associated with client’s IT systems and processes are anticipated, recognized, and appropriately managed and mitigated. Candidate will work cross-functionally with IT and business teams, as well as with various internal and external stakeholders, to dissect complex problems and deliver clear recommendations to improve results. Candidate will interact with senior leaders across the company to communicate complicated analysis, logic, and solutions.
Key activities / responsibilities:
- Oversee a team of IT professionals and work closely with internal clients to understand key business and IT issues, and propose fact-based solutions that support strategic initiatives at client.
- Identify major risk factors, and develop and coordinate the implementation of strategies to reduce/remediate process, operational, regulatory and compliance risks.
- Propose solutions for proactively identifying and managing risks, as well as embedding mitigating controls when developing new products, systems, technologies, and service offerings.
- Foster a high-performance, risk-managed, compliant culture within IT by evangelizing the importance of risk managed solutions and supporting disincentives for non-compliance.
- Monitor and manage IT controls at the application, database, operating system and process levels.
- Ensure that key risks and incidents are tracked using critical metrics and communicated to the IT Leadership Team and other key executives to support continuous improvement.
- Identify and apply acceptable IT standards established by independent or governmental agencies, State and Local Regulatory agencies, and data retention and data privacy regulations.
- Analyze current and proposed IT systems/programs/initiatives to ensure compliance with applicable business, industry and regulatory standards.
- Participate in the review process for application, database, operating systems, and IT operational process changes/modifications to ensure that controls remain valid over time.
- Maintain awareness of industry standards, trends and best practices in order to strengthen organizational and technical knowledge.
Qualifications:
- Bachelor’s degree required in Information Technology, Computer Science, Engineering or business-related discipline.
- Certifications in Security, Audit, Risk Management and Project Management highly desirable.
- Minimum 7 years of experience in IT risk management that includes the implementation of complex risk, compliance and governance programs, as well as experience conducting IT audits.
- Knowledge of the US and international regulations and laws related to IT-related compliance standards.
- High-level understanding of current technological trends, including SOA, microservice, and API.
- Broad knowledge of DevOps tools and methodologies.
Personal characteristics:
- Strategic acumen and problem solving skills with the ability to turn findings into executable plans.
- Proven skill in accelerating change; forward looking.
- Assertive and able to influence across all levels, including influencing others without direct position power.
- Confident in his or her technical knowledge; unwavering when challenged yet knows when it’s appropriate to flex.
- Demonstrated ability to build trust and strong cross-functional relationships across an organization to achieve common goals.
- Excellent verbal and written communication skills.
- Strong business acumen and demonstrated sound business judgment.
- Organizational agility and the ability to read the subtle nuances of a situation and react/plan accordingly.
- Ability to effectively prioritize projects and manage available resources.
- Thrives in a high pressure, fast-paced environment.