Third Party IT Risk Management

Request Technology
115000.00 - 140000.00 USD Annual + Bonus
16 May 2019
30 May 2019
Professional / Specialist
Information Technology
Contract Type

*Permanent full time role*

A prestigious company is searching for a Third Party IT Risk Management professional. This individual will perform IT operational risk management, providing risk advisory and third party IT risk management. They must have SOX experience in internal and external risk management. They need experience with IT governance and controls, including governance frameworks such as COBIT, FFIEC, COSO, and ISO-31000. The company would like this person to hold one or more of the following certifications: CISA, CPA, CIA, PMP, or CISSP.


  • Understanding how to develop and execute a Third Party IT Risk Management program
  • Understanding and managing Information and Technology risk associated with the operational processes for the IT division
  • Apply sound judgment in evaluating risks and controls; effectively challenge the business on the identification and acceptance of risks and the adequacy of controls
  • Perform risk assessments to reassess current risks and to identify emerging key risks (operational, compliance, technology, third party, etc.); identify and assess control effectiveness and/or gaps
  • Providing transparency of risk exposures through implementing sound reporting for risk-based decision making
  • Advise the IT customers on means and methods to drive remediation of risk related issues and operational events
  • Reporting of IT risk metrics and data


  • 5-7 years of experience working with SOX, practical experience in internal/external audits, risk management - methods and techniques for the assessment and management of risk
  • Bachelor's Degree or equivalent work experience
  • Ability to operate as a self-motivated, proactive, and results-driven problem solver with excellent analytical and communication skills
  • Ability to understand IT business processes, management objectives, risk appetite and tolerances and impact of changes to risk profiles
  • Experience in IT governance and controls, including governance frameworks, COBIT, FFIEC, COSO, ISO-31000, etc.

Preferred Skills

  • CISA, CPA, CIA, PMP, CISSP or other relevant professional certification
  • Financial Services experience
  • IT Risk management experience
  • Knowledge and skills across:
      - ISACA Risk IT framework
      - ISO 31000-series and 27000-series, 13335