IT Risk Manager
Silicon Valley Bank (SVB) is looking for an IT Risk Manager who will be reporting to the Sr. IT Risk Manager in Global Services Governance team. The IT Risk Manager is an individual contributor role and will be responsible for providing comprehensive risk oversight on IT processes via identifying, assessing, mitigating and monitoring technology risks in Silicon Valley Bank. Required Qualifications:
Preferred / Is a Plus Qualifications:
- 5+ years of IT audit and/or IT risk management experience at a Big 4 firm, a financial services company or other regulated organization.
- 3+ years hands on experience with SOX audit and experience in performing tests of design and effectiveness over IT controls.
- Ability to effectively complete control testing work papers, collect supporting evidence from different stakeholders and share the testing results with control owners to work on defining action plans to remediate the gaps.
- Capability to work on the multiple tasks simultaneously with minimal direction in in fast-paced environment.
- Proactive, strong interpersonal skills.
- Proficient in Microsoft Excel and PowerPoint.
- Familiarity in IT risk and compliance activities and general understanding of industry frameworks (as such COBIT, ITIL), and technology (Oracle database, Active Directory).
Qualifications Core Responsibilities:
- One or more professional certifications highly desirable, such as CGEIT, CISA, CISM, CISSP, CRISC.
- Experience with using or implementing GRC tools.
- Working knowledge of (or willingness to learn) key regulations within risk management and financial services industry, such as FFIEC, GLBA, GDPR, PCI.
- Conducting IT risk self-assessments and performing IT control self-testing to identify gaps and deficiencies.
- Providing support to technology teams with the internal/external audits and advise them on management action plans to remediate the deficiencies.
- Verifying appropriate remediation measures are taken and effectively completed.
- Interpreting regulatory requirements into actionable internal IT controls and validating compliance with these requirements.
- Owning IT's Risk Register and Control Library.
- Tracking and reporting the status of management action plans for the deficiencies identified through IT risk self-assessments, control self-testing, security assessments, and internal / external audits.
- Building effective relationships with IT teams and collaborate with external stakeholders in Security Office, Internal Audit, Enterprise Risk Management, Corporate Compliance, Regulatory Relations and business units.