Sr IT GRC Controls

Key Responsibilities:

• Governance & Risk Management: Overseeing technology-driven processes, managing risks, and ensuring compliance within the organization.
• Risk & Control Assessments: Working closely with management to identify, assess, and monitor risks and controls related to technology and security.
• Collaboration: Collaborating with process owners to create risk and control matrices, process narratives, and flowcharts.
• Control Effectiveness: Assessing the design and operating effectiveness of technology-related processes and controls.
• Self-Assessments & Audits: Conducting reviews of Risk and Control Self-Assessments (RCSAs) and supporting audits.
• Project Management: Overseeing project status, identifying risks and roadblocks, and ensuring project alignment with management and audit requirements.
• Regulatory Compliance: Advising management on regulatory compliance, especially regarding security and technology issues.
• Team Development: Providing feedback to team members and helping them with growth opportunities.
• Time Management: Balancing competing priorities to keep projects on track.
• AI Risk Management Framework.
• IT Metrics Management KPI/KRI, IT Risk Assessments (CRI-P, GLBA) , FFIEC IT Handbook Guidelines

Skills & Qualifications:

• Educational Background: Bachelor's degree in Information Systems, Computer Science, or related field.
• Experience: Minimum of 7+ years in operations and technology governance, risk management, compliance, and audit.
• Compliance Frameworks Knowledge: Familiarity with standards such as COBIT, NIST, GLBA, SOX, PCI, ISO27001.
• Certifications: Professional certifications such as CPA, CIA, CISA, CISM, or CISSP preferred.
• Risk Management Expertise: Proficiency in risk management tools and methodologies.
• Communication Skills: Ability to communicate complex issues clearly and effectively.
• Project Management Tools: Experience with tools like ServiceNow, Predict360, Jira, and Microsoft Office tools (Word, Excel, PowerPoint, Visio).
• Collaboration & Independence: Ability to work well both independently and as part of a team.
• Audit Experience: Experience with regulatory exams, SOX compliance, and internal/external audits.
• Attention to Detail: Strong organizational and prioritization skills.