
Job Details

IT Risk Manager

Location
Paramus, NJ, United States

Posted on
May 18, 2022


Job Description
Company Description
Veolia Group aims to be the benchmark company for ecological transformation. With nearly 230,000 employees worldwide, the Group designs and provides game-changing solutions that are both useful and practical for water, waste and energy management. Through its three complementary business activities, Veolia helps to develop access to resources, preserve available resources and replenish them. In 2021, the Veolia group provided 79 million inhabitants with drinking water and 61 million with sanitation, produced nearly 48 million megawatt hours and recovered 48 million tons of waste. Veolia Environnement (Paris Euronext: VIE) achieved consolidated revenue of 28,508 billion euros in 2021.

Job Description
The IT Risk Manager plays an integral part in the development, implementation, and compliance of IT security and risk policies across the business. The position is responsible for managing risks related to IT general controls, information security, governance, disaster recovery planning, privacy, projects, vendor risk management, and compliance.
Key Responsibilities:
Work with BTS and the business to ensure an acceptable level of IT policy, cybersecurity, risk and compliance, as well as:
Identifying and classifying potential risks/threats to the organization’s IT environment.
Develops effective solutions for management of IT risk through:
Tracking the completion of mitigation activities and projects
Managing the risk register with regular reporting
Tracking and documenting accepted risks
Manages risk and vulnerability assessments of projects, systems and vendors.
Collaborates with the organization’s broader Risk Management and Audit functions both locally and internationally to effectively manage and mitigate IT risk and security issues.
Suggesting enhancements to existing security products and assisting with identification of security requirements for new IT systems or projects.
Coordinate ongoing disaster recovery planning and annual testing.
Providing subject matter expert advice in information risk and security best practices.
Lead the design and operation of auditing and compliance monitoring processes, as well as remediation and control improvement activities, to ensure compliance both with internal security policies and applicable legislative, regulatory and contractual obligations and best practice guidelines.
Oversee and perform periodic audit and compliance reviews and provide relevant management reporting.
Provide a central liaison and coordination point for activities and reporting associated with internal and external auditors.
Review and assess existing controls, manage risk mitigation and control improvement programs, and provide relevant management reporting.
Perform application and project risk assessments.
Assist with the vendor risk management program.
Provide and contribute to the monthly metrics reporting.
Help automate in a GRC tool to augment effectiveness.
Assisting with questionnaire follow up with business interests.
Assisting with the vendor risk management program as required.  
Qualifications
Core Requirements
A minimum of 10 years professional experience in IT, with at least 5 years’ experience in an Information Security and Risk Management role.
Must have a thorough understanding of US and critical infrastructure security management standards, including:
ISO/IEC 27001 / 27002
PCI DSS
SOX/JSOX
NIST
Various State utility regulatory requirements
Understand the trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization and balance this with risk investments.
Must have a knowledge of security process frameworks, compliance and risk requirements and regulations, with particular regard to data privacy and protection.
Track record of implementing successful risk management & security control programs.
Strong written and verbal presentation skills.
Strong project and time management skills.
Be able to 'think outside the box' and provide both scenarios and solutions to the business to enhance the IT Risk & Security function.
Other Useful Skills & Experience:
One or more of the following industry certifications: CISSP, CISA, CISM, NIST CFP.
Experience in facilitating workshops and developing and conducting presentations and training for both business and technical audiences.
Bachelor's or Master's degree in computer science, business, or a related discipline.
Quality Management System
To be familiar with all documented operating procedures and work instructions that impact on this position. To meet the company’s quality standards, benchmarking has been introduced to all departments to facilitate the process of information and data collection. This process will help improve training methods and help distinguish the cause of any issues.
To understand and to utilize the corrective action system to address systematic problems and opportunities identified in the course of duties.
Environmental Health and Safety
To be familiar with and comply with all Environmental Health and Safety policies, procedures, and standard operating procedures pertaining to the site.
To be pro-active in assisting with the development of safe work practices.
To report any non-conformance or matters of concern regarding Health and Safety directly to your OHS Committee representative.
Additional Information
All your information will be kept confidential according to EEO guidelines.