What are the responsibilities and job description for the Technology Risk Solutions Manager position at Career Renew?
Career Renew is recruiting for one of its clients a Technology Risk Solutions Manager in Overland Park, KS or Frisco, TX.
The Technology Risk Solutions Manager is an individual contributor role within the FinPro Process and Controls team. This role will be responsible for evaluating SOX and operational IT risks for company products and facilitating the design and implementation of technical IT controls (including IT General Controls and IT automated controls) and business controls to mitigate these risks. We are seeking an experienced individual to mature the company's risk landscape, including risk governance, risk assessments for enterprise initiatives, and ongoing monitoring and reporting. You will collaborate with cross-functional teams, including IT, Finance, and Audit, to assess risks, develop effective control solutions, and facilitate remediation of control gaps.
Responsibilities:
Risk Management Strategy and Assessment
Identify and assess SOX and operational IT risks within complex IT and Business processes and develop strategies to mitigate those risks.
Partner with IT and Business leaders to design and implement IT General Controls (ITGCs) and IT automated and business controls to address critical risks.
Develop and implement comprehensive technology risk and control governance frameworks and standards, ensuring alignment with industry best practices and regulatory requirements.
Facilitate remediation of control deficiencies and gaps by providing leadership and guidance over the remediation lifecycle.
Evaluate SOC 1/SOC 2 reports for third-party applications and aid in the design and implementation of Complementary User Entity Controls (CUEC).
Monitor changes in regulatory requirements and emerging technologies and provide guidance on their impact to the IT and Business control environment.
Train IT and Business teams on the enterprise risk framework and standards.
Prepare risk reporting for business and IT leadership review.
Project Management
Support the delivery of technology risk solutions within business processes by managing the product risk management lifecycle.
Manage the execution of control development, design and testing activities, including coordination with internal and external auditors for new technologies.
Collaborate with cross-functional teams to identify control objectives, control activities, and control owners to mitigate IT risks.
Collaborate with IT development teams to ensure that IT controls are integrated into system development life cycle (SDLC) processes.
Relationship and People Management
Work closely with IT and Business teams to assess and monitor the effectiveness of IT and Business controls and recommend enhancements.
Provide training and coaching to junior team members and aid them in the technology and business risk assessment process.
Perform day-to-day management of business, IT, and Audit stakeholder relationships on large and complex cross-domain initiatives.
Qualifications:
Bachelor's degree in Information Systems, Information Technology, Accounting, Auditing or a related field (Required)
Advanced degree or relevant certifications (e.g., CISA, CISSP) are a plus.
Work Experience:
4-7 years of experience in IT governance, risk and compliance with a specific focus on SOX and operational risk management. (Required)
Knowledge, Skills and Abilities:
Proficiency in assessing IT and Business SOX and operational risks and implementing effective control solutions (Required)
Deep knowledge of IT General Controls (ITGCs), IT automated and business controls, and their application in financial reporting and operational processes. Understanding of how applications, operating systems, and databases work, in order to implement IT General Controls in Logical Access, Change Management and Computer Operations (Required)
Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams and influence stakeholders at various levels of the organization (Required)
Strong analytical and problem-solving abilities, with a keen attention to detail (Required)
Ability to adapt to a dynamic and fast-paced environment and handle multiple priorities with a sense of urgency (Required)
Communicates technical and functional risk management solutions effectively and efficiently (Required)
Knowledge of industry frameworks and standards, such as COBIT and ISO 27001, is highly desirable (Preferred)
Ongoing risk monitoring and reporting and respective technology enablement (e.g., GRC tools such as Archer and ServiceNow) (Preferred)
Understanding of Cloud Technologies and associated risks and controls (Preferred)
Analytics (Preferred)
Experience assessing compliance with agile SDLC methodologies (Preferred)
Prior experience in ERP, Cloud, or DevOps tools (Preferred)
• At least 18 years of age
• Legally authorized to work in the United States