CASY-MSCCN Jobs

Description

Job Description Summary

The Technology Risk Assessment Lead will be responsible for operational and risk strategy programs within the IT segment. Direct self-monitoring and proactive testing via execution of periodic risk assessments. Evaluate effectiveness of controls and escalate as appropriate. Oversee and ensure the administration of operational and regulatory risk strategy programs supporting multiple IT segments. Evaluate the adequacy and effectiveness of enterprise and regulatory controls and the resulting risk and control self-assessments. Deliver timely escalation of all issues requiring attention to senior management. Work with business segment management to ensure that the overall risk function is effectively supporting strategic goals. Collaborate with Audit/Corporate IT Risk/Segment CIO leadership teams to address issues with plausible action plans and target dates. Act as the central point for receipt and distribution of important risk information for the business segment. Develop and deliver periodic Risk updates to segment leadership teams. Ensure business segment adheres to corporate and business unit policies and procedures.

The Technology Risk Assessment Lead will work with business segment management to ensure that the overall risk function is effectively supporting strategic goals. Primary risk support will be for the Segment Chief Information Officers (CIOs) covering the Technology and Cybersecurity business segments.

Detailed Description:

• Perform Risk Assessments of IT systems in development by engaging with project/segment teams for high priority projects; Serve as the Risk voice.

• Partner with project teams to communicate security and control requirements and provide both oversight and support to determine if these requirements are met through the development cycle, escalating concerns as necessary.

• Partner with Technology Segment Risk Manager, Sr to build and maintain relationships with key stakeholders of the pre-deployment risk assurance program, including the Technology Segment Risk Officer (SRO), the broader Technology Risk team, the IT Project Management Office, Enterprise Architecture, Information Security, regulators and Internal Audit.

• Develop and deliver periodic Risk updates to segment leadership teams via monthly segment Operational Reviews

• Collaborate with Audit/Corporate IT Risk/Segment CIO Leadership teams to address issues with appropriate action plans and target dates that remediate root causes.

• Participate in Technology Risk Committee and other oversight and governance groups as assigned.

• The primary service of maintaining the universe of risk assessments across Cyber and Enterprise IT

• Ensuring coverage alignment with FFIEC guidance

• Aligning schedules with regulatory and audit calendars

• Working with Delivery and Risk Partners to understand active work and progress against the schedule

• Ensuring appropriate coverage of risk assessment domains over a defined time period.

Basic Qualifications:

Bachelor’s degree

• Min 5 years of experience in a Technology Risk position, primarily in a technology, cybersecurity or infrastructure environment

Preferred Qualifications:

• Problem Solving and Critical thinking

• Strong Written and Verbal Communication skills

• Ability to Identify root cause and proper solution

• Strong research and analytical skills

• Ability to multi-task and work in a fast pace environment, manage projects

• Familiar with SLDC process and project management

• Proficient in MS Office

• CISA, CISSP, or CRISC preferred

  Exempt Status: (Yes = not eligible for overtime pay) (No = eligible for overtime pay)

Yes

Workplace Type:

Hybrid

Huntington is an equal opportunity and affirmative action employer and is committed to providing equal employment opportunities for all regardless of race, color, religion, sex, national origin, age, disability, sexual orientation, veteran status, gender identity and expression, genetic information, or any other basis protected by local, state, or federal law.

Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details.

Agency Statement: Huntington does not accept solicitation from Third Party Recruiters for any position