Area: Our mission is to enhance the company's risk landscape by implementing robust risk governance, conducting thorough risk assessments for enterprise initiatives, and ensuring ongoing monitoring and reporting. We aim to safeguard our company's products by evaluating SOX and Operational IT risks and designing effective technical IT controls.
Role: As a Technology Risk Solutions Manager, you will be responsible for evaluating SOX and Operational IT risks for our products and facilitating the design and implementation of IT General Controls (ITGCs), IT automated controls, and business controls. You will collaborate with cross-functional teams, including IT, Finance, and Audit, to assess risks, develop effective control solutions, and facilitate remediation of control gaps.
Responsibilities:
Risk Management Strategy and Assessment
Identify and assess SOX and operational IT risks within complex IT and business processes.
Partner with IT and business leaders to design and implement ITGCs and IT automated and business controls.
Develop and implement comprehensive technology risk and control governance frameworks and standards.
Facilitate remediation of control deficiencies and gaps.
Evaluate SOC1/SOC2 reports for third-party applications and aid in the design and implementation of Complementary User Entity Controls (CUEC).
Monitor changes in regulatory requirements and emerging technologies.
Train IT and business teams on the enterprise risk framework and standards.
Prepare risk reporting for business and IT leadership review.
Project Management
Support the delivery of technology risk solutions within business processes.
Manage the execution of control development, design, and testing activities.
Collaborate with cross-functional teams to identify control objectives, control activities, and control owners.
Ensure IT controls are integrated into the system development life cycle (SDLC) processes.
Relationship and People Management
Work closely with IT and business teams to assess and monitor the effectiveness of IT and business controls.
Provide training and coaching to junior team members.
Manage business, IT, and audit stakeholder relationships on large and complex cross-domain initiatives.
Job Qualifications:
Minimum Qualifications:
Bachelor's degree in Information Systems, Information Technology, Accounting, Auditing, or a related field.
4-7 years of experience in IT governance, risk, and compliance with a specific focus on SOX and operational risk management.
Proficiency in assessing IT and business SOX and operational risks and implementing effective control solutions.
Deep knowledge of ITGCs, IT automated and business controls, and their application in financial reporting and operational processes.
Excellent communication and collaboration skills.
Strong analytical and problem-solving abilities.
Ability to adapt to a dynamic and fast-paced environment.
Effective communication of technical and functional risk management solutions.
Preferred Qualifications:
Advanced degree or relevant certifications (e.g., CISA, CISSP).
Knowledge of industry frameworks and standards, such as COBIT and ISO 27001.
Experience with GRC tools such as Archer and ServiceNow.
Understanding of cloud technologies and associated risks and controls.
Experience with analytics.
Experience assessing compliance with agile SDLC methodologies.
Prior experience in ERP, cloud, or DevOps tools.
Contact: atunstall@judge.com
This job and many more are available through The Judge Group. Find us on the web at www.judge.com.