IT Risk Reporting Specialist

Desarrollo Web y Móvil / Otros Web y Móvil

Detalles del trabajo

  • Publicación: hace 16 días
  • Tiempo restante: 13 días
  • Tipo de trabajo: oferta de empleo
  • Ubicación: Argentina, Buenos Aires
  • Tipo de empleo: Contrato Indefinido
  • Salario: sin especificar
  • Experiencia requerida:
  • Formación: Grado o Licenciatura

Descripción de la oferta

The IT Risk Management (ITRM) function creates and maintains EYs global IT policy framework and produces risk-related reporting to IT and EY executive audiences. ITRMs primary goals are to help reduce IT risk, defend against internal and external threats, and protect client and EY data.The IT Policy & Reporting Specialist is responsible for two different areas of risk management, including:Policy: Developing/maintaining global IT policies, and aligning them to industry frameworks, and local and regional regulatory requirements. The Specialist is also responsible for day-to-day activities as they relate to the IT policy program, including acting as the IT policy subject matter expert, facilitating and participating in the IT policy review processes, and contributing to IT policy awareness.Reporting: Aid in the development and execution of a risk reporting strategy. Responsible for risk data analysis and aggregation as well as data mining to ascertain trends and draw conclusions. Ability to build and maintain a portfolio of executive-level reporting.Essential Functions of the Job: Research/gather information for the development/maintenance of global policies, including IT and acceptable use policies, and supporting documents Work closely with policy stakeholders to develop and maintain policies that safeguard EY against the changing threat landscape Perform policy gap analysis to ensure they align to industry frameworks, best practices, client demands, and local/regional regulatory requirements Interface with various stakeholders and functions to validate that policies are consistently implemented and reflected in their functions processes Facilitate and participate in the policy review and approval processes Act as the IT policy subject matter expert and respond to policy inquiries Contribute to IT policy awareness Contribute to development of IT Risk Management reporting strategy and roadmap Aggregate data from disparate sources into holistic risk picture Present risk metrics and information in meaningful business terms Collaborate with key stakeholders to ensure risks are being reported and maintained in respective repositories Coordinate with risk mitigation owners to understand status of mitigation, challenges, and report on output of risk assessments Knowledge and Skills Requirements An in-depth understanding of ISO 27002, ISO 27001, ISO 31000 frameworks and applying these frameworks A working knowledge of policy frameworks such as ISO, COBIT and unified compliance framework Familiarity with local and regional regulatory requirements and how they impact IT policies Experience in developing and executing reporting strategies General technical knowledge of operating systems, databases, networks, and mobile and cloud computing Extensive experience with Microsoft Office Suite, i.e., Word, Excel, PowerPoint, and Visio Experience with MS SharePoint, including development and maintenance of SharePoint sites Experience with RSA Archer Experience in communicating to all levels of management, clients and vendors Strong English language skills, good writing, presentation, interpersonal, and communication skills are requiredExperience Three or more years of experience authoring global IT and/or Information Security policies, following an industry policy framework Three or more years of experience developing reporting strategies, including data mining, tool strategy, and analysis Five or more years of experience in the Information Technology, Information Security and/or IT Risk Management field(s)

Regístrate para ver los detalles del proyecto

Habilidades requeridas

Acerca de la empresa

Ernst & Young

Building a better working world
(0) | +50 trabajos publicados
Argentina Argentina
Diciembre de 2015

¿Tienes comentarios, ideas? ¿Has detectado errores, defectos? ¡Háznoslos llegar a nubelo!