IT Risk Senior Consultant (Level Depends on Experience)

  • Full-time

Company Description

Sia Partners is a unique global management consulting firm composed of 950+ passionate consultants who drive business changes among our customers. Through unparalleled industry expertise, we deliver superior value and tangible results to our clients in over 21 sectors and service teams.

Sia Partners has been present in the US since 2012 through an acquisition of a well-established consulting firm specialized in Financial Services, Oil & Gas and Energy. It has enjoyed continuous growth since: the US is now its second biggest market.

Sia Partners is hiring! Thanks to Sia Partners’ international footprint, the Financial Services and Gas Oil & Energy practices are strategically located in all major financial and energy hubs (New York, Charlotte, Houston, UK, Europe, and Asia Pacific) and our integrated model allows teams from different countries to easily partner, when appropriate.

Job Description

Overview of Role:

Develop an IT Risk framework (based on the COBIT 5.0 framework) and program composed of the 7 key deliverables below, including supporting processes and procedures for each of them.

  • Inventory of IT controls
  • Inventory of IT risks
  • IT risk taxonomy
  • IT risk register
  • Inventory of key risk indicators
  • Monthly dashboard
  • Quarterly heatmap report

Then, implement an IT Risk continuous monitoring process and an annual IT Risk assessment process.

Role and Responsibilities:

  • Develop and update an inventory of IT controls while mapping those controls to the COBIT 5 framework subsections.
  • Develop and update an IT risk hierarchy.
  • Develop and update an inventory of IT risks while linking those risks to the inventory of IT controls.
  • Determine the ownership of each IT risk by linking it to one or multiple sub business units and validate this ownership with the IT managers.
  • Develop and update a register of IT risk events while linking those events to the inventory of IT risks.
  • Interact on a monthly basis with the technical teams to get the data for the technical key risk indicators and include them in the monthly dashboard with the other indicators.
  • Design the different steps of an annual IT risk assessment process and assist through its initiation and implementation.
  • Produce the detailed requirements to implement all the above in a technical tool.
  • Constantly meet with the technical team to make sure all the requirements (including the different workflows) are understood and on track to be delivered in the tool.
  • Make sure the deliverables match the internal audit and FED expectations.

Qualifications

Skills Required:

  • 3 plus years of experience.
  • Strong knowledge of Excel (vlookups, vlookups returning multiple values, pivot tables) as most of the deliverables are Excel documents.
  • Basic knowledge of PowerPoint as the reporting is done mostly using charts.
  • Good communication as there is a need to interact with the manager of every different IT team.
  • Optionally, some IT technical knowledge (legacy asset management, patch management, internal & external vulnerability scans, malware and antivirus, basic networking concepts).
  • Optionally, COBIT 5.0 framework general concepts.
  • Planning and organizing.
  • Teamwork.
  • Fast self-learning.
  • Bachelor's Degree or higher level of education.

Additional Information

All your information will be kept confidential according to EEO guidelines.
