**Principal, IT Risk and Controls**

Job description

Job title:

Workplace details:

• Hybrid
• Full-time
• Chicago, IL

Tasks:

• Partner with technology executives to assess risk exposures, design effective controls and lead remediation efforts for complex or emerging risks.
• Lead risk identification and material risk reviews, design overall risk narrative for technology executive reporting.
• Drive the implementation of sustainable risk exposures through control design, leading control assessments for core cyber security areas including vulnerability management, threat management, third party security vetting, identity and access management.
• Representing the first line in the interaction with Risk and Audit, ensuring transparency and preparation across all risk exposures.
• Assist in the development and implementation of technology risk and cybersecurity training for technical areas.
• Participate in incident responses to provide guidance on technology and cybersecurity risks and control security.
• Influence behaviors to resolve conflicts, clarify goals and outcomes, and promote a strong technology risk management culture with the information security organization.

Requirements:

• 12+ years of experience in technology risk, information security or a related leadership role in a highly regulated industry.
• Expert knowledge in the implementation of risk management based on IT risk frameworks (e.g. NIST 800-53).
• Proven ability to influence senior technology and business leaders, with excellent written and verbal communication skills.
• Experience in determining vulnerability risks to key objectives and critical processes; ability to link risk management programs and initiatives to inform critical business strategies and processes.
• Strong analytical and strategic thinking skills with the ability to translate risk insights into action.
• Applicable industry specific certification(s) preferred.
• Bachelor's degree in computer science or a related field and technical experience in security.

We offer:

• Comprehensive benefits package (including retirement benefits (401k and pension), health and welfare benefits (health insurance, dental insurance, spending accounts and disability insurance), paid time off, parental and caregiver leave, life and accident insurance and other voluntary and wellness benefits).
• Discretionary bonus program, which may include an equity component.
• Flexible and collaborative working culture.
• Promoting movement within the company.
• Access to senior management.