Banking Risk Technology Risk Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Job Alert
You will be updated with latest job alerts via email
Monthly Salary
Not Disclosed
Salary Not Disclosed
Vacancy
1 Vacancy
Job Description
Title Banking Risk/ Technology Risk Engineer
Location Hybrid/Midtown New York City or Long Island 3 days a week.
Duration 1 year
We need a Jr to Midlevel Banking IT Risk resource for this position.
Candidates need to have IT security experience including Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certified Information Systems Auditor (CISA) or Certified in Risk and Information Systems Control (CRISC) preferred and 6 years of experience working in technology audit Information Security or Information Technology required.
Candidates must be LOCAL to the NEW YORK or NEW JERSEY or Long Island area and COMMUTE into the office THREE TIMES A WEEK. NO RELOCATION CONSIDERED.
Job Description: Senior Technology Risk Engineer
Responsibilities:
-
Program Delivery:
- Execute all first line of defense risk activities impacting Information Technology and Information Security within Flagstar.
- Design and implement specific elements of the Information Technology and Security risk program to mitigate enterprise IT and security risks.
- Act as a role model and mentor to junior team members.
-
Risk Program Implementation:
- Engineer the implementation of components of the Information Technology Risk Program including external compliance internal audit security vendor management and operational risk.
- Conduct internal and external compliance technology audits and regulatory exams representing Information Technology throughout the audit lifecycle.
-
Risk Management:
- Execute Risk Management functions for IT meeting Enterprise Risk Management program elements and compliance requirements.
- Conduct Risk Controls SelfAssessment process for Information Technology and Information Security.
-
Awareness and Training:
- Deliver Awareness and Training for Risk Program elements to enhance understanding and ensure risk responsibilities are carried out throughout the enterprise.
-
Governance and Control:
- Design and implement Governance Risk and Control frameworks and systems based on recognized best practices.
- Ensure compliance with applicable federal state and local laws and regulations.
-
Engagement and Coordination:
- Engage with the CISO organization to vet issues from external vendor reviews within the IT Organization.
- Coordinate IT Technology Risk Acceptance workflow process from risk origination to final approval.
Requirements:
- Bachelors Degree in a related field preferred.
- Professional certifications such as CISSP CISM CISA or CRISC preferred.
- Minimum 6 years of experience in technology audit Information Security or Information Technology.
- 2 years of SOX IT control execution or testing IT auditing experience or IT risk.
- Strong understanding of IT audit principles general IT controls and IT organization business processes.
- Experience in Risk and Control Self Assessments Audits or exams for technology or information security.
- Proficiency in industry standard frameworks such as COBIT ISO NIST and SANS.
- Excellent communication skills with the ability to present ideas to senior management.
- Demonstrated ability to work effectively across functional and organizational lines.
- Strong problemsolving skills and ability to meet time commitments
Employment Type
Full Time
Key Skills
- Diploma
- DCS
- ABAP
- Application Development
- Irrigation
- Bakery
