Responsibilities
The Senior IT Risk & Control Specialist - either directly or through matrixed reporting lines - manages a team of subject matter experts and is responsible for the design and execution of risk and control assurance activities from threat and risk identification, IT issue management, and/or policy governance.
- Responsible for the monitoring of overall adherence to the risk and control strategy and to applicable regulations such as SOX/GLBA through regularly scheduled audits of the IT areas.
- Assist in the development and evaluation of issue classifications and action plans. Recommend and/or close issues by reviewing and evaluating materials and evidence.
- Act as liaison between internal risk departments and technology business lines.
- Stay current on changes to technology, policy, the regulatory landscape, and the business in order to evaluate their impacts on the risks and controls and make necessary modifications. Be informed and aware of IT projects and how they are impacting the risk landscape.
- Interface with senior leaders and explain risks, controls, and issues as well as their relationship to the overall corporate risk appetite.
- Produce reporting on issue progress, assurance reviews, audit results, and/or the overall risk portfolio of the technology departments.
Qualifications
Required
- Minimum 10 years of experience in Technical Risk Assurance or IT audit, conducting IT assurance programs.
- Minimum 8 years of experience with regulatory programs such as SOX, GLBA, PCI, etc.
- Minimum 8 years of experience with various technology architectures and application technical configurations.
- Knowledge of regulatory requirements in line with the Technology Services business lines.
Preferred Skills/Experience
- Experience in financial services environment, preferably either Audit or Bank operations, with some technology or testing experience.
Education
- Bachelor's degree preferred or minimum of 10 years of directly related experience.
Certifications Preferred
Certified Information Security Auditor (CISA),
Certified Information Security Manager (CISM),
Certified Information Security Systems Professional (CISSP),
Certified Risk and Information Systems Control (CIRSC)
Equal Employment Opportunity
It is the policy of RBS Citizens, N.A. to provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to race, color, ethnicity, religion, gender, pregnancy/childbirth, age, national origin, sexual orientation, gender identity or expression, disability or perceived disability, genetic information, citizenship, veteran or military status, marital or domestic partner status, or any other factor protected by federal, state and/or local laws.
Hours and Work Schedule
Hours per Week: 40
Work Schedule: Monday-Friday 8:00AM-5:00PM