Consultant, Tech Risk & Info Sec
Infosec Technical Consultant
Job Number: 21-13349
Job Number: 21-13349
Help drive change! Eclaro is looking for an Infosec Technical Consultant for our client in Chicago, IL.
Eclaro’s client is a leading global bank stimulating change and innovation in the industry by offering top-notch financial products and services for a wide-range of clients worldwide. If you’re up to the challenge, then take a chance at this rewarding opportunity!
- This individual's primary day to day responsibility will assist with tasks to be used in support of IT risk and control assessments, information security initiatives, and /or management reporting.
- In particular, this individual will have a role in the identification, assessment and reporting of technology and information security risk and shared responsibility for execution of tasks associated with one or more key practice areas defined in the Information Security and Technology Risk Management Program.
- Position is an independent contributor and will work closely with peers and manager on assisting with strategic IT Risk and Information Security projects as assigned.
- Define and identify risks associated with the use of technology for internal systems and hosted external systems.
- Define requirements and work with other team members on plans for various information security and technology risk management programs.
- Provides feedback on Information Security and Technology Risk programs to ensure relevant industry regulations, standards and compliance requirements are met.
- Ensure that risk management programs communicate security policies and requirements so people know, understand and can follow.
- Produce meaningful, measured metrics in regards to authored risk management programs.
- Review and assess controls through established frameworks.
- Support training and awareness activities for assigned disciplines.
- Work with individuals to determine action plans to remediate identified risks.
- Complete peer reviews of risk assessment or other test results and findings within the team as assigned.
- Document and report findings and remediation plans to management.
- Collaborate with Information Security, Privacy, and Risk Management teams to provide continuous improvement to Information Security and Technology Risk Policies and frameworks.
- Support Regional Information Security Officers in Information Security activities as needed.
- Provide consulting to the business on IT Risk.
- Provide support and sponsorship for strategically important projects related to information security and technology risk management. Assist with plans for these project deliverables, goals and milestones.
- Participate in cyber security incident response as required.
- Remain informed on trends and issues in the security industry, including current and emerging technologies and prices. Advise, counsel, and educate team members and other peers on their relative importance.
- Minimum of 5 years of IT audit or IT risk management experience
- Preferred: Current CISA, CISM, CRISC, CISSP or similar IT certifications.
- Bachelor's degree in Accounting, Finance, Information Technology, Management Information Systems, Computer Science or a related discipline.
- Understanding of information security, IT audit and IT risk management principles.
- Limited experience with assessing IT related processes such as system and information security, system development and change management, computer operations and data protection.
- Awareness of Financial Services industry regulations, specifically those set forth in the Federal Financial Institutional Examination Council (FFIEC) handbooks and other country specific regulatory authorities.
- Awareness of industry accepted IT risk management and control frameworks such as COBIT 5, ISO 27001/27002 and NIST 800-53.
- Limited experience in specific information security disciplines such as forensics, secure development, threat intelligence or penetration testing.
- Demonstrated ability to work well in both an individual contributor and team capacity, in particular multi-national teams.
- Able to effectively participate in projects and complete multiple tasks simultaneously and efficiently while maintaining a sense of urgency and attention to detail.
- Strong written and verbal communication skills. Able to prepare clearly written, organized documents, reports and communications that demonstrate proper justification and support for any conclusions and assessment results and contain correct grammar, punctuation and spelling.
- Able to interact in a professional manner and develop relationships with individuals and teams at any level in Client
If interested, you may contact:
Tony Clariza | LinkedIn
Equal Opportunity Employer: Eclaro values diversity and does not discriminate based on Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.