IT Risk Manager Job Description
IT Risk Manager Duties & Responsibilities
To write an effective IT risk manager job description, begin by listing detailed duties, responsibilities and expectations. We have included IT risk manager job description templates that you can modify and use.
Sample responsibilities for this position include:
IT Risk Manager Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for IT Risk Manager
List any licenses or certifications required by the position: CISA, CISSP, CISM, CIA, CRISC, PMI, CPA, PCI, PMP, ITIL
Education for IT Risk Manager
Typically a job would require a certain level of education.
Employers hiring for the IT risk manager job most commonly prefer their future employee to have a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Accounting, Business, Information Technology, Business/Administration, Information Systems, Management Information Systems, Finance, Education, Engineering.
Skills for IT Risk Manager
Desired skills for IT risk manager include:
Desired experience for IT risk manager includes:
IT Risk Manager Examples
IT Risk Manager Job Description
- Act as the point of escalation for all issues in the application and project portfolio
- Resolve complex and escalated production incidents in an efficient manner
- Be aware of ongoing details of key activities and issues in area of responsibility, be able to resolve and articulate them to senior executives (Director and VP level)
- Oversee and improve application development and project execution activities and processes
- Ensure adherence to required processes and standards
- Participating in Application Controls Assessment sessions with AD Leads, ASCs and team members to identify and understand IT Risk issues, or “breaks” in applications, and develop solutions to remediate them
- Coordination with AD leads, Developers and ASCs to understand best practices for remediating risk issues, estimating the level of programming effort required for remediation
- Adhering to IT Risk Policies throughout lifecycle of application
- Keeping track of issues (breaks), remediation due dates and ensuring dates are not missed
- Participating in maintenance releases
- Develop and maintain enterprise IT Risk policies, control standards, procedures and related documents (policy documents) to effectively manage information technology, information security and related risks
- Must have 3 to 5 years of hands-on working experience in many aspects of IT Risk and Control
- Knowledge and understanding of theories, concepts and approaches relevant to IT risk, including proven ability to gather evidence and interview stakeholders and business partners
- Experience in Financial Services, either in consulting or full time capacity
- Experience managing projects in the Credit Risk space
- Level 3 Chartered Financial Analyst (CFA) designation
IT Risk Manager Job Description
- Lead the Derivative Credit Development group within Counterparty Credit Risk Technology, setting tone and driving continuous improvement and standardization across the group
- Prepare both high level and detailed technical specifications in accordance with security and architecture objectives
- Enforce a culture of test-driven design, with an emphasis on unit testing, code walkthroughs and non-functional requirements
- Coordinate delivery with Infrastructure, Support and Release Management
- Complex business functionality supporting risk managers, including regulatory and management reporting, quantification of risk
- Identify resources and skills required
- Capture and track metrics and perform trend analysis
- Manage project scope/requirements changes and multiple, competing demands and priorities, determining and conveying the impact on budget, time and risk using appropriate fact-based metrics/assumptions
- Identify and manage project costs and budgets
- Anticipate operational and tactical risks and track them using the appropriate methodology
- 1+ years of experience in conducting or managing a regulatory review
- Extended knowledge of IT Security & Risk Management concepts
- Specialist IT Risk Qualification (for example CISSP, CISM, CISA)
- 3-8 years of experience as an Application Security Analyst or IT Risk Analyst
- Well versed with MS Office suite of applications
- Working knowledge of Windows/Unix Administration, Networking Protocols, Contact Center Technologies - Preferred
IT Risk Manager Job Description
- Identify and resolve/escalate potential conflicts between long-term architecture direction and project constraints
- Manage external vendor and third-party relationships at the project level
- Demonstrate a general knowledge of market trends, competitor activities
- Lead a team of software developers to deliver best of class applications
- Set direction and vision for the team with an emphasis on continuous improvement
- Work with fellow technical managers to ensure quality delivery, accelerate time to market and to drive lower maintenance costs
- Administer risk management activities that include identification, measurement, analysis, monitoring and controlling of risks
- Establish and monitor Key Risk Indicators and implement corrective action plans to mitigate risks
- Identify and allocate resourcing needs and ensure deliverables are completed as expected
- Communicate the results of risk mitigation strategies to senior management and draft a comprehensive and complete report of the audit area
- 5 years of relevant working experience in a financial sector preferred
- Good understanding of industry regulations MAS TRM
- Technical understanding of core platform, security technologies, data centre operations
- Certification in CISSP, CISM, CISA will be advantageous
- A proven track record of experience from either a Big 4 practice, consulting or within Financial Services
- 4 - 8 years Technology Risk / IT BC/DR /
IT Risk Manager Job Description
- Create and maintain an IT Department Risk Register, using Enterprise Risk Management Software
- Create and manage Risk improvement plans
- Identify the need for investment to fund Risk mitigation activities
- Provide oversight of all Risk Events, ensuring they are recorded, investigated, closed off or escalated as necessary
- Develop and continuously refine KRIs and ensure that they are embedded in day-to-day activities within the department
- Provide Risk Reporting to IT Leadership Team and also to Group Risk
- Promote a culture of Risk Awareness within the IT Department
- Develop a network of Risk Leads/Champions within individual IT Functions
- Maintain an awareness of potential Emerging Risk and ensure these are recorded, visible and considered in all new technology initiatives and financial planning activities
- Work closely with Group Risk, ensuring that IT Risks are reported as required to the Group Risk Committee and aligned with Risk appetite and Risk tolerance levels
- 4-5 years of professional experience in Public Accounting, Risk Advisory/IT Consulting, or IT Audit
- Strong understanding of IT risk assessments and controls reviews
- Manufacturing and/or consumer products industry experience is preferred
- Prior experience working as an IT auditor or IT risk adviser for a public accounting firm, a professional services firm, or within industry
- CISA, CISSP, CISM, CBCP or CIA certification is desired
- Experience with integrated application audits is preferred
IT Risk Manager Job Description
- Supervise documentation and testing of the client’s IT system of internal controls
- Identify and communicate recommendations to improve the operations and controls of client businesses
- Review deliverables and reports prepared by team members
- Perform testing on SOC engagements and other IT audit and consulting services
- Shape the application of policy within Finance IT
- Communicate policies within Finance IT and act as point of contact for clarification on content or application of policy
- Responsible for awareness initiatives of security issues, implementation of best practices and new programs / requirements
- Drive implementation of new or changed risk policies across Finance IT
- Manage IT Risks for all Finance applications
- Be the interface with level 2 (CoGs) and level 3 (Audit) functions
- A proven track record of experience from either a Big 4 practice, consulting or within the Banking sector
- Bachelor's Degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline required, Master's Degree preferred
- Relevant certifications (CISA, CISSP, CISM, CBCP, CIA) required
- Prior responsibilities should include performing in-depth technical IT risk assessments and vulnerability analyses, recommending, designing and advising on applicable IT controls, regulatory and compliance reviews
- Experience performing financial and operational internal audits, business process control reviews
- 5 - 7 years’ prior experience of IT 3rd Party Management