IT Operational Risk and Business Continuity Manager

29 Jun 2024

Vacancy expired!

Title: IT Operational Risk and Business Continuity Manager
Location: Denver, CO (hybrid remote/onsite)
Type: Direct Hire

Overview of the role

You will have the opportunity to establish and maintain our overall IT operational risk management and business continuity functions. This includes identifying, evaluating and reporting on IT operational risks in a manner that meets regulatory and other compliance requirements, and maintaining, managing and governing IT's BCM function for recovery from all types of business disruption risks (natural, technical, geopolitical, accidental, workforce, supplier) across the entire geographic footprint of the enterprise. You will work proactively with various business units and internal groups and organizations to implement practices that meet company-defined policies and standards.

The IT Ops Risk & Business Continuity Manager will be the "process owner" for all IT-related risk assessment and identification activities, for the company's IT systems and information assets and for its IT-dependent strategic business objectives. A crucial element of your role will be working with senior executives, line-of-business managers and other key decision makers to determine acceptable levels of residual risk for the company and for various individual departments. Additionally, you will lead IT-related business continuity and Operational Resilience activities. You will plan and implement IT business continuity tests and maintain recovery plans in accordance with the Enterprise Business Continuity Management (BCM) framework.

Duties and responsibilities

You will:

  • Collaborate closely with the Enterprise Risk Business Partners and Business Continuity teams, ensuring compliance and alignment with the Enterprise Risk and BCM frameworks
  • Liaise with audit (internal and external) and coordinate audit activities
  • Guide the development and implementation of internal policies and procedures, ensuring that activities are consistent with objectives, operating model and organizational strategy
  • Support the identification and documentation of risks and control weaknesses, and mitigation of those risks and weaknesses
  • Assess, monitor, and control the Technology risk portfolio
  • Support the currency of Technology BC and Technical Recovery Plans
  • Develop Test Plans and implement effective IT Risk Management practices in collaboration with key partners such as Enterprise Risk, Information Security and Compliance
  • Coordinate Technology involvement in Business Continuity (including Crisis Management) exercises in partnership with the 2nd Line Business Continuity function
  • Track and report risk management trends, opportunities and remediation monthly.
  • Make recommendations to the Head of IT Strategy and Planning, appropriate risk governance committees and line-of-business managers concerning IT-risk-related controls.
  • Supervise the IT-risk-management-related activities of indirect reports and others.
  • Carry out additional duties as assigned

Technical skills and qualifications

  • Bachelor's degree with a focus on IT- or IT-risk-related disciplines, or five to seven years of experience in IT risk management or a related field
  • Certified in Risk and Information Systems Controls (CRISC), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) or equivalent is helpful.
  • Basic knowledge of a broad range of standards and frameworks such as International Standards Organization (ISO) 27001, COBIT, IT Infrastructure Library (ITIL) and ISO 20000, Capability Maturity Model Integration and Six Sigma
  • Knowledge of common risk management methodologies including development of Control Objectives, Risk Identification and Assessment, etc.
  • A proven leader with vision, a problem solver and integrator of people and processes, as well as an effective internal consultant.
  • In-depth understanding of strategic business risks
  • Solid domain proficiencies in a number of IT-risk-related disciplines, including security, business continuity management, audit coordination, privacy and compliance.

Competencies required

In addition to putting clients first, acting like an owner, and succeeding as a team, the competencies for this role include:

  • Ability to develop a comprehensive understanding of our business, market and industry and relate that knowledge to identified operations- and IT-related risks
  • Knowledge necessary to propose relevant IT responses to changing business risks and regulatory changes
  • Demonstrable ability to connect with people at all levels from developers to the C-level
  • Excellent written and verbal communication skills, including the ability to effectively communicate security- and risk-related concepts to technical and nontechnical audiences, and strong interpersonal and collaborative skills
  • Solid skills as a negotiator, to facilitate commitment to, and sign-off on, appropriate levels of residual risk from line-of-business managers
  • High level of personal integrity, especially while handling confidential and otherwise sensitive matters professionally and with the appropriate level of judgment and maturity
  • High degree of initiative, dependability and ability to work with little supervision

Compensation Information

The base salary range for this position is $100,000 - $115,000. This range is estimated for this role. Actual pay may be different.

Max Trujillo Technical Recruiter Ascent

  • ID: #43687493
  • State: Colorado Glendale 80246 Glendale USA
  • City: Glendale
  • Salary: $110000.00 - $115000 per annum
  • Job type: Permanent
  • Showed: 2022-06-29
  • Deadline: 2022-08-27
  • Category: Et cetera