IT Risk Manager Job Description
IT risk manager
provides business and IT management with guidance on IT risk management particularly related to application controls, infrastructure, and information security.
IT Risk Manager Duties & Responsibilities
To write an effective IT risk manager job description, begin by listing detailed duties, responsibilities and expectations. We have included IT risk manager job description templates that you can modify and use.
Sample responsibilities for this position include:
Take ownership and accountability for all financials coordination within the function, ensuring central oversight and full transparency
Manage the month end recovery process for GRM IT
Ensure costs are monitored and are within governed processes – including but not limited to vendor consulting costs and third party costs
Create process documentation for new process and tools as required
Work with sponsors to develop consistent treatment of expenses across the department, including business consulting and hardware/software purchases
Act as a resource to the regional and platform specific Directors, IT Risk, and IT management, utilizing deep specialized expertise for the Infrastructure domain to assist in the development of risk mitigation solutions
Provide support to the first line of defense operating teams through the IT Risk Platform and Regional Directors in providing independent oversight and challenge for the Infrastructure domain
Ensure that the risk profile is fairly presented in ongoing reporting and escalate to the Director, IT Risk Domains when the risk profile is at or near risk appetite
Provide advice and counsel to executives and senior management, as requested by Directors, IT Risk, enhancing their ability to anticipate and manage domain risks effectively
Contribute to scenario analysis within the Infrastructure domain
IT Risk Manager Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for IT Risk Manager
List any licenses or certifications required by the position: CISA, CISSP, CISM, CIA, CRISC, PMI, CPA, PCI, PMP, ITIL
Education for IT Risk Manager
Typically a job would require a certain level of education.
Employers hiring for the IT risk manager job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Accounting, Business, Information Technology, Business/Administration, Information Systems, Management Information Systems, Finance, Education, Engineering
Skills for IT Risk Manager
Desired skills for IT risk manager include:
IT trends and systems processes to identify security and risk management issues and other opportunities for improvement
Capability Maturity Model Integration and Six Sigma
Control Objectives for Information and Related Technology and Committee of Sponsoring Organizations Enterprise Risk Management
GLBA
IT Infrastructure Library and ISO 20000
IT development methodology and techniques
Project Management
System design principles
COBIT
IT infrastructure and security
Desired experience for IT risk manager includes:
Continuous integration experience – with Team City or Jenkins
Understanding of core C# concepts, including collections, concurrency, locking, thread pools
Demonstrable NUnit and C# testing skills
Professional certifications in key technologies
ONew Technology
A minimum of 8 years of experience in a progressively responsible role in the IT Risk domain of Infrastructure, within a global financial services organization
IT Risk Manager Examples
1
IT Risk Manager Job Description
Job Description Example
Our innovative and growing company is hiring for an IT risk manager. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for IT risk manager
- Act as the point of escalation for all issues in the application and project portfolio
- Resolve complex and escalated production incidents in efficient manner
- Be aware of ongoing details of key activities and issues in area of responsibility, be able to resolve and articulate them to senior executives (Director and VP level)
- Oversee and improve application development and project execution activities and processes
- Ensure adherence to required processes and standards
- Participating in Application Controls Assessment sessions with AD Leads, ASCs and team members to identify and understand IT Risk issues, or “breaks” in applications, and develop solutions to remediate them
- Coordination with AD leads, Developers and ASCs to understand best practices for remediating risk issues, estimating the level of programming effort required for remediation
- Adhering to IT Risk Policies throughout lifecycle of application
- Keeping track of issues (breaks), remediation due dates and ensuring dates are not missed
- Participating in maintenance releases
Qualifications for IT risk manager
- Develop and maintain enterprise IT Risk policies , control standards, procedures and related documents (policy documents) to effectively manage information technology , information security and related risks
- Must have 3 to 5 years of hands-on working experience in many aspects of IT Risk and Control
- Knowledge and understanding of theories, concepts and approaches relevant to IT risk, including proven ability to gather evidence and interview stakeholders and business partners
- Experience in Financial Services, either in consulting or full time capacity
- Experience Managing projects in the Credit Risk space
- Level 3 Chartered Financial Analyst (CFA) designation
2
IT Risk Manager Job Description
Job Description Example
Our innovative and growing company is searching for experienced candidates for the position of IT risk manager. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for IT risk manager
- Lead the Derivative Credit Development group within Counterparty Credit Risk Technology, setting tone and driving continuous improvement and standardization across the group
- Prepare both high level and detailed technical specifications in accordance with security and architecture objectives
- Enforce a culture of test driven design, with an emphasis on unit testing, code walkthroughs and an emphasis on non-functional requirements
- Coordinate delivery with Infrastructure, Support and Release Management
- Complex business functionality supporting risk managers, including regulatory and management reporting, quantification of risk
- Identify resources and skills required
- Capture and tracks metrics and performs trend analysis
- Manage project scope/requirements changes, multiple and competing demands and priorities determining and conveying impact on budget, time and risk using appropriate fact-based metrics/assumptions
- Identify and manages project costs and budgets
- Anticipate operational and tactical risks and tracks them using the appropriate methodology
Qualifications for IT risk manager
- 1+ years of experience in conducting or managing a regulatory review
- Extended knowledge of IT Security & Risk Management concepts
- Specialist IT Risk Qualification (for example CISSP, CISM, CISA)
- 3-8 years of experience as an Application Security Analyst or IT Risk Analyst
- Well versed with MS Office suite of applications
- Working knowledge of Windows/Unix Administration, Networking Protocols, Contact Center Technologies - Preferred
3
IT Risk Manager Job Description
Job Description Example
Our company is searching for experienced candidates for the position of IT risk manager. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for IT risk manager
- Identify and resolves/escalates potential conflicts between long-term architecture direction and project constraints
- Manage external vendors and third parties relationships at the project level
- Demonstrate a general knowledge of market trends, competitor activities
- Lead a team of software developers to deliver best of class applications
- Set direction and vision for the team with an emphasis on continuous improvement
- Work with fellow technical managers to ensure quality delivery, accelerate time to market and to drive lower maintenance costs
- Administer risk management activities that include identification, measurement, analysis, monitoring and controlling of risks
- Establish and monitor Key Risk Indicators and also implement corrective action plans to mitigates risks
- Identify and allocate resourcing needs and ensure deliverables are completed as expected
- Communicate results of the risk mitigation strategies to senior management and draft comprehensive and complete report of audit area
Qualifications for IT risk manager
- 5 years of relevant working experience in a financial sector preferred
- Good understanding of industry regulations MAS TRM
- Technical understanding of core platform, security technologies, data centre operations
- Certification in CISSP, CISM, CISA will be advantageous
- A proven track record of experience from either a Big 4 practice, consulting or within Financial Services
- 4 - 8 years Technology Risk / IT BC/DR /
4
IT Risk Manager Job Description
Job Description Example
Our innovative and growing company is looking to fill the role of IT risk manager. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for IT risk manager
- Create and maintain an IT Department Risk Register, using Enterprise Risk Management Software
- Create and manage Risk improvement plans
- Identify the need for investment to fund Risk mitigation activities
- Provide oversight of all Risk Events ensuring they are recorded, investigated, closed -off or escalated as necessary
- Develop and continuously refine KRIs and ensure that they are embedded in day to day activities within the department
- Provide Risk Reporting to IT Leadership Team and also to Group Risk
- Promote a culture of Risk Awareness within the IT Department
- Develop a network of Risk Leads/Champions within individual IT Functions
- Maintain an awareness of potential Emerging Risk and ensure these are recorded, visible and considered in all new technology initiatives and financial planning activities
- Work closely with Group Risk, ensuring that IT Risks are reported as required to the Group Risk Committee and aligned with Risk appetite and Risk tolerance levels
Qualifications for IT risk manager
- 4-5 years of professional experience in Public Accounting, Risk Advisory/IT Consulting, or IT Audit
- Strong understanding of IT risk assessments and controls reviews
- Manufacturing and/or consumer products industry experience is preferred
- Prior experience working as an IT auditor or IT risk adviser for a public accounting firm, a professional services firm, or within industry
- CISA, CISSP, CISM, CBCP or CIA certification is desired
- Experience with integrated application audits is preferred
5
IT Risk Manager Job Description
Job Description Example
Our company is growing rapidly and is looking to fill the role of IT risk manager. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for IT risk manager
- Supervise documentation and testing of the client’s IT system of internal controls
- Identify and communicate recommendations to improve the operations and controls of client businesses
- Review deliverables and reports prepared by team members
- Perform testing on SOC engagements and other IT audit and consulting services
- Shape the application of policy within Finance IT
- Communicate policies within Finance IT and act as point of contact for clarification on content or application of policy
- Responsible for awareness initiatives of security issues, implementation of best practices and new programs / requirements
- Drive implementation of new or changed risk policies across Finance IT
- Manage IT Risks for all Finance applications
- Be the interface with level 2 (CoGs) and level 3 (Audit) functions
Qualifications for IT risk manager
- A proven track record of experience from either a Big 4 practice, consulting or within the Banking sector
- Bachelor's Degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline required, Masters Degree preferred
- Relevant certifications (CISA, CISSP, CISM, CBCP, CIA) required
- Prior responsibilities should include performing in-depth technical IT risk assessments and vulnerability analyses, recommending, designing and advising on applicable IT controls, regulatory and compliance reviews
- Experience performing financial and operational internal audits, business process control reviews
- 5 - 7 years’ prior experience of IT 3rd Party Management