
Howard-Sloan Search · 4 days ago

Senior IT Risk Management Officer

Howard-Sloan Search is representing a major asset management firm with over $100 billion in assets under management. They are seeking a Senior Technology Risk Management Officer to support IT governance and compliance programs, manage risks, and facilitate external audits while collaborating with various stakeholders across the firm.

Financial Services, Legal, Professional Services, Recruiting
Diversity & Inclusion
No H1B
Hiring Manager: Irene Ross

Responsibilities

Support the Firm’s external audit reviews by gathering, evaluating, and delivering timely evidence for key technology and business processes, and facilitate walkthroughs, findings discussions, and escalations
Validate ongoing operation for core technology processes by proactively testing key controls, correcting identified issues, and driving sustainable process enhancements that avoid issue recurrence
Facilitate the advanced preparation of technology and business process owners for audit reviews, understand their processes and advise on process and control design to drive continuous improvement
Conduct technical reviews of software products and services to identify Information Security and AI risks, triage and summarize the findings, and advise the Firm’s stakeholders on appropriate risk treatment
Complete information security reviews, analyze identified risks, and define remediation actions where necessary
Maintain documentation of identified risks, ownership, treatment timelines, and status
Coordinate with stakeholders to drive timely and complete mitigation and validation of identified risks
Prepare regular reports for IT and Business managers indicating workstream status and progress; design and deploy evergreen self-service visualizations
Contribute to the delivery of strategic priorities across technology, risk, governance, and identity and access management by completing projects and tasks as assigned and by collaborating with relevant stakeholders
Create a list of legacy and cloud services, identify key risk attributes, security, and audit process gaps, agree on gap treatment, and drive their complete and timely resolution
Collaborate with stakeholders to identify risks arising from planned and proposed process and technology changes, agree on mitigation actions, and ensure the timely and complete closure of committed actions
Identify automation opportunities to replace manual activities, and design and prototype effective solutions
Provide feedback and experience that inform proposed policies and standards governing relevant processes

Qualifications

Information Security, Risk Management, Regulatory Compliance, Data Protection, Technology Audit, Identity, Access Management, Server Architecture, Cloud Services, Automation PowerShell, Automation Python, AI Systems, CISA Certification, CRISC Certification, CISSP Certification, AWS Security Certification, Microsoft Office, Communication Skills, Collaboration Skills

Required

5 years of experience in information security, data protection, third-party risk management, technology audit, regulatory compliance, or identity and access management
Experience defining, implementing, and reviewing secure and resilient design principles for business systems
Experience in risks arising from use of classic and cloud-native application architectures
Data gathering and analysis to provide timely and relevant recommendations
Proficiency in Microsoft Office products – Excel, PowerPoint, Word
Presenting the business impact of technology risks, processes, and requirements
Excellent written and verbal communication, and collaboration skills
BS in Computer Science, Information Systems, Accounting, Data Science, or a related field

Preferred

Experience in server architecture – Windows, MS SQL Server
Azure, AWS; Exposure to software development and SDLC pipelines
Experience in building and deploying automation (PowerShell, Python)
Experience using, building, and governing Artificial Intelligence (AI) systems, AI agents, and AI-enabled systems
Experience across IT domains and processes – security, change, identity and access management, resilience, and operations of networks, hosts, cloud services
Exposure to risk management frameworks and regulations – SOC 1, SOC 2, ISO 27001, NIST CSF, SOX, GDPR
Best-of-breed security and technology tools and applications
CISA, CRISC, CISSP and/or AWS Security and Architecture certifications

Company

Howard-Sloan Search

Howard-Sloan Search is a recruiting company that provides legal, compliance, financial, legal support, and technology services.

Funding

Current Stage
Growth Stage

Leadership Team

Mitchell Berger, Chief Executive Officer
Desiree Greene, Chief Operating Officer
Company data provided by crunchbase