Duration: 6 months
Remote: We can check on this if you are interested.
Support Procurement, Property, Facilities business lines
Tool used: Archer GRC.
Establish and maintain risk relationships and identify merging risk controls and audits. Put together plans to mitigate risk, Identify risks before they become an issue. Evaluate adequacy and effectiveness of controls. Document risks. Meet regulatory requirements
Contractor is responsible, along with business unit management, to oversee and manage all aspects of risk and assess on an ongoing basis the material risks associated with its activities, determining if actions need to be taken to strengthen risk management or reduce risk given performance against the business units risk profile and tolerances.
Responsible for issue management including partnering with business lines to develop action plans that will deliver intended outcomes within defined timelines while identifying themes and related holistic remediation plans.
Provides day to day support to the business unit(s) providing knowledge and expertise on the appropriate implementation of Regulations, Rules and industry standards through procedures, other guidelines, and industry best practices.
Performs detailed risk assessments and advises the business lines on risk mitigation actions.
Responsible for facilitating risk and control self-assessments with the technology business lines.
Advise on new processes / products, initiatives and strategies from a risk and control perspective; guide the business unit(s) through the various governance approvals related to new initiatives ensuring proper controls.
Provides coverage to facilitate processes for risk identification and treatment across applicable systems.
Risk management experience
Experience in an organization that is under strong regulatory oversight and scrutiny
Intermediate knowledge of internal controls and risk self assessment
Basic knowledge of business areas processes and/or products and operations; regulatory requirements; and key processes, controls and exposure areas
Ability to analyze and synthesize many risk data points and help the business to prioritize mitigation
Analytical thinking skills
Strong business writing skills
Ability to effectively communicate with all levels of the organization
Proficient use of Microsoft Office Suite
One of these Certifications is Preferred:
Certified Information Systems Auditor (CISA)
Certified in Risk and Information Systems Control (CRISC)
Certified Information Security Manager (CISM)
Certified Information Systems Security Professional (CISSP)
Certified Internal Auditor (CIA)