It Risk Manager

Our financial services client is looking for an IT Risk Manager. The Technology Risk Manager will be responsible for the development and implementation of an enterprise-wide technology, cyber, and vendor risk management program within the second Line of Defense to ensure that risks are appropriately identified, assessed, monitored, and managed.
This is a 6 month contract with the possibility of extensions.
3 days onsite in Midtown, Manhattan and 2 days remote
Essential duties and responsibilities

• Implement the Technology, Cyber, and Vendor Risk Management Frameworks that provide oversight and independent challenge to the first line through an effective and objective assessment.
• Assess the accuracy, completeness, and adequacy of risks and controls
• Analyze business processes and requirements to ensure compliance with security policies and procedures
• Perform effective challenge of critical and high-risk technology processes, controls, and compliance activities
• Recommend enhancements to the business/technology processes and controls to improve the effectiveness of technology & vendor risk management capabilities
• Perform risk tracking, trending, analysis, and executive reporting
• Provide strategic thinking on the next levels of maturity in Technology & Vendor Risk management
• Act as a cross-functional partner in the deployment of our information security program within the Americas platform
• Lead process improvements and solution discussions and present outcomes in written and verbal format to senior management.

Qualifications

• Bachelor's degree in Information Technology, Information Security, Business Administration or Risk Management (or equivalent professional qualification), Master's Degree desirable
• 5-7 years experience specifically in Information Security and/or technology risk management
• Prior experience in the Financial Services industry is required
• Experience with GRC tools and other risk management information systems is preferred
• Proven track record for managing and enhancing control processes
• Experience in developing and implementing risk management programs
• Experience interacting with regulators, preferably FRB and NY Client
• Demonstrated ability to work effectively in a team environment as well as independently
• Demonstrated ability to drive projects
• Strong verbal and written communication as well as interpersonal skills
• Demonstrated ability to effectively handle a fast-paced environment and successfully meet established deadlines
• Strong analytical skills and advanced Microsoft Office (Word, Outlook, Excel, and PowerPoint) capabilities

Industry-recognized certifications within the domains of information security and or privacy (e.g., CISSP, GIAC, CISM, CISA, CIPP, CTPRP, CCSP, etc.) are considered a plus
Nesco Resource provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.