IT Risk and Governance Manager

Job description

Tasks

• Work closely with the information security function to support the implementation and/or mitigation of cyber risks
• Close collaboration with IT service owners to identify, mitigate, and address IT risks
• Close collaboration with IT project managers to identify, mitigate, and address residual risks from projects
• Managing the IT risk register; working closely with risk managers to identify, track, and monitor risks, review risk treatment proposals, and support the closure of resolved risks
• Risk awareness training for IT employees
• Single point of contact (SPOC) for all internal and external audits; support with fieldwork, including reviewing and collecting audit documentation, reviewing audit reports, and providing audit responses
• Tracking audit remediation plans to ensure timely and proper closure of IT audit items
• Implementation of technological regulatory changes and collaboration with IT function managers to resolve or mitigate risks/gaps identified in assessments or reviews
• Responsibility for the implementation and quality assurance of internal IT control plans
• Monitoring the lifecycle of IT technologies, patch management, and policies for end-user computing and compliance

Requirements

• Individual Contributor
• Coaching

Client management (internal & external)

• various IT functions, both regional and global
• Operational risk (CRO)
• Local legal and compliance functions

Business Management

• Key local stakeholders include IT service owners, IT infrastructure, IT application managers, IT architecture, and project managers.
• CRO functions – including business operational risk, information security, and compliance functions
• Global functions – IT risk management, information security
• Building strong relationships with key stakeholders

We offer