|Date Posted||April 10, 2019|
The Information Risk Manager within the Information Risk Strategy & Management organization is an essential role responsible for partnering with the business to drive enterprise information risk management, governance, solutions, and organizational capability through sustainable risk-based processes. This role will give exposure to new and existing technology used enterprise-wide and an opportunity to engage with leadership and asset support teams across the ITC and ETC functions. It will provide an opportunity to learn about businesses and their risks, new IRM Standards, and the
five concurrent and continuous functions of the cybersecurity framework - Identify, Protect, Detect, Respond, and Recovery. The Information Risk Manager will have the first-hand opportunity to apply this cybersecurity framework to technologies that ETC and ITC are actively involved in to include digital transformation, blockchain, cloud, RPA, IoT, and
among a whole slew of other technologies.
Individuals in this role will:
* Obtain understanding of the business and its risks
* Provide consultation on overall IT IRM risks
* Govern and deliver enterprise IRM solutions
* Report on state of risk and compliance management
* Increase IRM organizational capability
* Advise on audit / validation / risk assessment engagements and remediation
* Promote, monitor and validate IRM processes (i.e. IP, DP, SOX IT)
Key responsibilities include, but not limited to the following:
* Understand and assess the overall Information and Cyber Risks faced by the business in their business conduct,
business processes, the IT systems, PCN, Applications, etc., and recommend mitigation strategies.
* Promote the identification, understanding, and management of information risks and vulnerabilities for the operating
* Establish, implement and guide the business unit to adhere to Corporate Policies and IRM Standards that direct
information security, risk management, and compliance activities.
* Continuously drive improvement and promote the alignment of standard IRM processes, tools, and training across
all business units.
* Provide the state of Information Protection and Data Privacy compliance to business unit leaders to ensure the
understanding, appropriate rigor, and prioritization in management of risk and escalate any priority conflicts.
Fircroft has been placing people in specialist technical industries for approaching half a century, focusing on mid to senior level engineers for contract and permanent roles worldwide. By applying for this job you give consent for Fircroft to contact you, via email & telephone, to discuss your application along with future positions and Fircroft's services.
Fircroft is registered as a Data Controller with the Information Commissioner as required under the General Data Protection Regulation 2016/679. Fircroft will only process your personal data for the specific purposes of managing your application.