IT Risk Management Consultant

Kforce has a client in Greenwood Village, CO that is seeking an IT Risk Management Consultant.Summary:The IT Risk Management Principal Enterprise Technology Risk Group (ETR) is accountable for performing enterprise level technology risk assessments and ensuring that adequate mitigations are in place to address the identified risks. Furthermore, ETR oversees establishment of the Technology Risk Management methodology and approach to be utilized by the risk management groups.Responsibilities:

Conducting enterprise level technology risk analysis

Communicating results to senior management

Assisting with creation of Risk Management Plans Design

Manage processes involved in technology risk decisions, management and governance

Develop technology risk strategies, implement action plans, and recommend policy and procedural changes for risk avoidance and mitigation

Develop metrics and reporting to demonstrate IT risk posture

BA/BS, preferably in Technology, or related field of study required and MS is preferred Years of experience; Additional equivalent work experience may be substituted for the degree requirement

CISA, CISM, CISSP, CRISC certifications (any of these)

5 years of experience in an informal leadership role working with business or technical teams

10 years of experience in IT risk management, compliance, or information security, including at least 2 years developing IT compliance frameworks or ITRM methodologies

Significant knowledge of information technology processes and controls

Deep understanding of risk and control frameworks (ISO, UCF, NIST, COBIT, ITIL, HIPAA, PCI, etc.)

Expert in IT Risk Analysis and Risk Management domain

Proficient in IT Policy Standard, Framework Development, Risk Evaluation Criteria, Quantitative Analysis, Statistical Modelling

Strong understanding of risk management concepts and concerns, including probability management and quantified risk analysis

Demonstrated experience building and improving technology risk programs

Experience with risk metrics aggregation, collection, and presentation

Preferred Qualifications:

4 years of work experience in a role requiring interaction with executive leadership (e.g., Vice President level and above)

4 years of experience working in a large matrixed organization

4 years of experience in the development and delivery of risk management metrics and reporting

The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.This job is not eligible for bonuses, incentives or commissions.Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.Compensation Type:HoursMinimum Compensation:63.00Maximum Compensation:67.00