(352) FASTTEK | (352) 327-8835
FASTTEK GLOBAL powered by Fast Switch - Great Lakes
info@fasttek.com
Troy, Michigan
Senior Technology Risk Engineer #988136
Job Description:
Position Summary:
The Sr Technology Risk Engineer is responsible for the delivery of the program elements of all first line of defense risk activities directly or indirectly impacting Information Technology and Information Security within us. The Sr Information Technology Risk Engineer will leverage business experience and technical acumen to execute the technical program activities in the areas of audit, technology, compliance, risk management and security. The position will be responsible for delivery of an Information Technology Risk program with clear, defined operational policy, standards and procedures related to Information Technology and Security.
 
Job Responsibilities:
  • Design/execute specific Information Technology and Security risk program elements to mitigate enterprise IT and security risks throughout the Bank. Be a role model to more junior members of the team.
  • Design/engineer/execute the implementation of the components of the Information Technology Risk Program to include external compliance, internal audit, security, vendor management, operational risk, quality assurance and quality controls for technology and information security.
  • Design/engineer/execute internal and external compliance technology audits and regulatory exams, representing Information Technology throughout the lifecycle of the audit (planning through remediation strategy).
  • Execute the first line of defense Risk Management functions for IT meeting the Enterprise Risk Management (ERM) program elements, processes, and compliance requirements. Execute the Risk Controls Self-Assessment process for Information Technology and Information Security.
  • Execute Awareness and Training for Risk Program elements to enhance awareness and training appropriate for our needs to ensure that risk responsibilities are understood and carried out throughout the enterprise.
  • Design and execute implementation of Governance, Risk, and Control frameworks and systems based on recognized best practices such as COBIT, ISO, NIST, GLBA, SOX, FFIEC, etc.
  • Ensures compliance with applicable federal, state, and local laws and regulations. Completes all required compliance training. Maintains knowledge of and adheres to our internal compliance policies and procedures. Takes responsibility to keep up to date with changing regulations and policies.
  • Actively engage with the CISO organization to ensure that issues emanating from external contracted vendor reviews are properly vetted within the IT Organization and are entered into the Enterprise Risk Management System in a timely manner.
  • Coordinate the IT Technology Risk Acceptance workflow process from risk origination to final approval.
 
Job Requirements:
  • Bachelor's Degree in a related field is strongly desired.
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) preferred.
  • 6+ years of experience working in technology audit, Information Security, or Information Technology required.
  • 2+ years of SOX IT control execution or testing or IT auditing experience or IT risk.
  • Three years of Information Security or IT experience.
  • Demonstrated experience in Risk and Control Self Assessments, Audits, or exams for technology or information security.
  • Demonstrated ability to audit general IT controls including related infrastructure (Active Directory), operating systems (UNIX, Linux, Windows), databases (Oracle DB and MS SQL DB), and applications (Oracle, PeopleSoft, Salesforce, etc.).
  • Design and perform root cause analysis, control gap assessments, and process improvement projects using technical and problem solving and critical thinking skills to quickly identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions.
  • Understand Industry standard frameworks for technology, such as COBIT, ISO, NIST, SANS, and others to design Governance, Risk and Control frameworks, and systems for technology and information security.
  • Design and develop internal control documentation including narratives, process and data flows, and other supporting work papers.
  • Moderate to in-depth understanding of business environment and risks associated with the financial services industry, IT environments, and information dataflow.
  • Understand IT audit principles and audit procedures, determine and evaluate the severity of potential issues identified during testing, and provide guidance to more junior team members.
  • Understand IT organization business processes and systems (IT Security, data management, architectural and planning, technology life cycle management, regulatory concerns).
  • Participate in multiple projects concurrently and work well under pressure.
  • Strong verbal and written communication skills with comfort around presenting new ideas and presentations to senior management.
  • Demonstrated track record of meeting time commitments.
  • Demonstrated track record of working effectively across functional and organizational lines.
  • Demonstrated knowledge of risk management tools.
  • Ability to work in teams, and/or as an individual contributor.
 
Experience Level:
  • 5-10 years
 
Additional Info:
 
At FastTek Global, Our Purpose is Our People and Our Planet. We come to work each day and are reminded we are helping people find their success stories. Also, doing the right thing is our mantra. We act responsibly, give back to the communities we serve and have a little fun along the way.
We have been doing this with pride, dedication and plain, old-fashioned hard work for 24 years!
FastTek Global is a financially strong, privately held company that is 100% consultant and client focused.
We've differentiated ourselves by being fast, flexible, creative and honest. Throw out everything you've heard, seen, or felt about every other IT Consulting company. We do unique things and we do them for Fortune 10, Fortune 500, and technology start-up companies.
Our benefits are second to none, and thanks to our flexible benefit options you can choose the benefits you need or want. Options include:
 
  • Medical and Dental (FastTek pays majority of the medical program)
  • Vision
  • Personal Time Off (PTO) Program
  • Long Term Disability (100% paid)
  • Life Insurance (100% paid)
  • 401(k) with immediate vesting and 3% (of salary) dollar-for-dollar match
 
Plus, we have a lucrative employee referral program and an employee recognition culture.
FastTek Global was named one of the Top Work Places in Michigan by the Detroit Free Press in 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021, 2022, and 2023!
To view all of our open positions go to: https://www.fasttek.com/fastswitch/findwork
Follow us on Twitter: https://twitter.com/fasttekglobal
Follow us on Instagram: https://www.instagram.com/fasttekglobal
Find us on LinkedIn: https://www.linkedin.com/company/fasttek
You can become a fan of FastTek on Facebook: https://www.facebook.com/fasttekglobal/