This listing was posted on WhatJobs.
DescriptionJob Summary The IT and InfoSec Operational Risk
Location:
Columbus, OH
Description:
DescriptionJob SummaryThe IT and InfoSec Operational Risk Officer within the second line of defense Operational Risk organization is responsible for the independent oversight of front-line Information Technology (IT) and Information Security (IS) units to socialize risk concepts, frameworks and promote the organizations' risk culture, including education and training. The IT and InfoSec Operational Risk Officer must adapt previous experience and industry leading practices to fit Northwest. The position also partners with functional and operational leadership in the development of risk mitigation plans, consistent with the Bank's enterprise risk management framework. The role will be an integral part of a risk management team that encourages creativity, leadership, and influence. The role is expected to have a significant impact and influence in bank-wide strategic decision-making, and to support our mission through risk-based and data-driven decision making. Essential Functions Provide companywide oversight and governance over information security and information technology risksHelp mature and execute an IT and IS risk management framework using industry leading practices (e.g., NIST CSF, COBIT, SCF) taking into consideration regulatory expectationsIndependently assess risks and drive actions to address the root causes that persistently lead to significant residual operational risk by challenging both historical and proposed practicesLeverage the current ERM framework and partner with first-line IT and IS teams to further mature IT risk assessments, document controls, identify gaps, and create action plans for critical IT and IS processes, including validation and testing to ensure IT risk programs are implemented and executed appropriatelyHelp refine the risk register for IT, IS and operational risk competencies, as well as help create additional ones as appropriateProvide oversight of IT/IS Risk and Control Self-Assessment (RCSA) activities, and monitoring routines (Third Party, Audit, Issue Management, Remediations, etc.)Make recommendations for remediation of issues and continuous monitoring through the creation of metricsReview processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and make recommendationsPerform independent risk assessment of the first line, inclusive of emerging risksReview and challenge of first-line risk acceptancesIdentify trends, themes, tendencies that indicate emerging IT/IS risks by relying on mining trends in relevant metrics, loss data and external events and effectively communicate learnings to Business to drive necessary responses and actionComplete risk assessments of critical technology implementations (e.g., Cloud Computing, hybrid infrastructure models, and Active Directory)Provide analysis and reporting of Northwest's IT and IS risk profile, and consultative advice to Northwest's Management TeamInfluence appropriate risk management prioritization by the first line to enable the business to meet strategic objectives, while meeting IT and IS risk program expectationsEnsure compliance with Northwest's policies and procedures, and Federal/State regulationsNavigate Microsoft Office Software, computer applications, and software specific to the department to maximize technology tools and gain efficiencyWork as part of a teamWork with on-site equipment Education + Experience preferred Bachelor's degree in Information Technology or related degree12 - 15 years of banking or regulatory experienceCertified Information Systems Auditor (CISA)Certified Information Security Manager (CISM)Certified Risk and Information Systems Control (CRISC)Certified Information Systems Security Personnel #LI-EK1#LI-HybridEqual Opportunity Employer/Protected Veterans/Individuals with DisabilitiesThe contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
Company:
Northwest Bank
Posted:
January 2 on WhatJobs
Visit Our Partner Website
This listing was posted on another website. Click here to open: Go to WhatJobs
Important Safety Tips
- Always meet the employer in person.
- Avoid sharing sensitive personal and financial information.
- Avoid employment offers that require a deposit or investment.
To learn more, visit the Safety Center or click here to report this listing.
More About this Listing: DescriptionJob Summary The IT and InfoSec Operational Risk
DescriptionJob Summary The IT and InfoSec Operational Risk is a Technology IT Job at Northwest Bank located in Columbus OH. Find other listings like DescriptionJob Summary The IT and InfoSec Operational Risk by searching Oodle for Technology IT Jobs.
DescriptionJob Summary The IT and InfoSec Operational Risk is a Technology IT Job at Northwest Bank located in Columbus OH. Find other listings like DescriptionJob Summary The IT and InfoSec Operational Risk by searching Oodle for Technology IT Jobs.