Principal, Enterprise Risk Management
Posted on Jun 9, 2022 by Request Technology
Salary: $170k-$185k + 25% Bonus
Location: Chicago, IL/Dallas, TX
Hybrid Role: 2 days on, 3 days remote
*We are unable to provide sponsorship for this role*
A prestigious financial company is seeking to fill a Principal, Enterprise Risk Management position that will be responsible for the identification, oversight, challenge, and assessment of the organization's risk related to Technology and Security. Specifically, this role will be expected to advise and challenge the organization on its technology-related development initiatives to ensure risk is appropriately identified, managed, mitigated, monitored, and reported on accurately and in a timely manner to support the company's strategic objectives.
- 8+ years of work experience in Audit, Compliance, Information Technology/Security and/or risk and control related roles, required
- Prior experience with IT and Security Risk Management within a second or third line of defense role (Risk management, Compliance, or Internal Audit).
- Experience in designing, developing, and implementing controls within technology and security environments.
- Deep understanding of COBIT and NIST CSF Frameworks and how to apply them in an organization
- Strong knowledge of risk management frameworks and implementation of risk management capabilities in a financial services environment.
- Have led complex long-term projects in a fast-paced organization.
- In-depth knowledge of business and IT processes as well as risks and control activities.
- Experience tailoring industry frameworks to an organization to drive risk management capabilities.
- Experience with risk identification, analysis, and treatment.
- Deep understanding and experience with systems development, testing and deployment, agile methodologies, and information security programs.
- Ability to adapt quickly to changing priorities, environment constraints and project deadlines.
- Strong understanding of risk management and controls, and how processes, people, and technology support risk mitigation.
- Understanding of the regulatory environment and how control environment documentation supports compliance
- Serve as IT and Security lead for the ERM team, working with departments to understand their process, risk and control environment and ensure risks are appropriately managed, monitored and mitigated.
- Represent ERM in various Technology and Security Working Groups, providing advice and challenge to operating units for risk management activities.
- Responsible for leading ERM's oversight and advising on the Renaissance system initiative.
- Assist with senior management and Board reporting of technology risk management activities, providing valuable insights, trends, and observations.
- Serve as primary liaison for ERM to business owners, technical owners, project management and other project and program stakeholders
- Work with internal and vendor technical teams to ensure project, execution and requirements risks are being identified, tracked, and reported on appropriately.
- Execute periodic risk reviews regarding the project, with vendor resources, to assess the risks of the project and vendor relationships.
- Work with stakeholder groups to advise on risk mitigations, assessment of the related risk, and coordination for risk management and controls for the project execution.
- Work with stakeholders to understand, identify, design and document automated controls within the operating environment.
- Participate in project team leadership meetings to understand project status, deliverables, outcomes, and performance.
- Develop positive collaborative relationships with Management, Compliance, and Internal Audit to help achieve long-term strategy and short-term objectives.