Risk Manager
SKILLS
FULL DESCRIPTION
Risk Manager
An extraordinarily talented group of individuals work together every day to drive [Employer hidden — view at passion-project.co.uk]' success, from both professional and personal perspectives. Come join the excellence!
Overview
• Supporting the annual PCI and SOC audits as well as customer assurance requests • Supporting internal reviews to identify any controls gaps and managing remediation • Demonstrating the team’s core values; Focus, Collaboration, Awareness and Delivery
Responsibilities
Gathering and reviewing audit evidence. [Employer hidden] undergoes SOC and PCI audits and has an established programme of gathering evidence from various teams at regular intervals, reviewing, providing feedback and remediating any issues in a timely manner. The role entails supporting the manager of this process.
Customer assurance. [Employer hidden] receives questionnaires and assessment requests from customers as part of their vendor risk management programmes. [Employer hidden] completes these questionnaires using the Shared Assessments Standard Information Gathering (SiG) questionnaires. The role entails supporting the manager maintaining the SiG questionnaires and delivering on customer requests in an effective and efficient manner.
Process and controls reviews for improvement. Agreed and established processes and controls require frequent compliance reviews which may identify opportunities for further improvement or efficiencies. The role entails supporting such reviews, identifying improvements and ensuring these are adequately implemented.
Audit preparation and management. This involves gathering, sorting and saving evidence on the portal for external assessor’s review and coordinating the various assessment activities at multiple locations. The role entails supporting this process from start to successful completion in a timely manner.
Demonstrating the team’s core values; Focus, Collaboration, Awareness and Delivery. Effective delivery requires focus and collaborating with various teams to gather evidence, avoiding duplication of effort, sound understanding of IT risks and controls as well as technical knowledge of IT systems, operating systems and applications
Delivery against the agreed deadlines and continually learning about [Employer hidden]’ environments
Maintaining confidentiality as the team may be privy to sensitive company and customer information
Qualifications
Team player who can work in a collaborative environment
Effective communication and interpersonal skills
Strong analytical, report writing and presentation skills
Keen learner and committed to presenting high quality deliverables within agreed timescales
Understanding of IT risks and controls as well as IT auditing
Technical knowledge of IT systems; operating systems and applications
At least 10 years’ experience
Desirable
Experience of PCI DSS, SOC or internal IT audits
Degree in IT or equivalent
CISA or CISM qualified
If you are passionate about technology, love personal growth and opportunity, come see what [Employer hidden] is all about!
[Employer hidden] is an equal opportunity employer. [Employer hidden] evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status or any other legally protected characteristic.