IT Risk Senior Consultant (Full time or Contract work)

  • Contract

Company Description

Sia Partners is a unique global management consulting firm composed of 950+ passionate consultants who drive business changes among our customers. Through unparalleled industry expertise, we deliver superior value and tangible results to our clients in over 21 sectors and service teams.

Sia Partners has been present in the US since 2012 through an acquisition of a well-established consulting firm specialized in Financial Services, Oil & Gas and Energy. It has enjoyed continuous growth since: the US is now its second biggest market.

Sia Partners is hiring! Thanks to Sia Partners’ international footprint, the Financial Services and Gas Oil & Energy practices are strategically located in all major financial and energy hubs (New York, Charlotte, Houston, UK, Europe, and Asia Pacific) and our integrated model allows teams from different countries to easily partner, when appropriate.

Job Description

Developed an IT Risk framework (based on the COBIT 5.0 framework) and program composed of the 7 key deliverables below, including supporting processes and procedures for each of them.

  • Inventory of IT controls
  • Inventory of IT risks
  • IT risk taxonomy
  • IT risk register
  • Inventory of key risk indicators
  • Monthly dashboard
  • Quarterly heatmap report

Then, implement an IT Risk continuous monitoring process and an annual IT Risk assessment process.

This assignment is twofold:

I. This position is Project Management and reporting on IT Risk Framework

II. Development of IT Risk Framework

I.  Project Management and reporting on IT Risk Framework:
  • Develop, manage, and update a Key Risk Indicator inventory taking into account all elements of the IT infrastructure
  • Develop a Monthly IT Risk Dashboard, demonstrating trends, dynamics, and highlights reportable to senior management
  • Communicate with key IT stakeholders to discuss monthly data and IT Risks that arise
  • Model the process workflow of the system implementation of a Quarterly Application Risk Heat Map for a vendor application
  • Prepare presentations that are presented to senior IT management
II. Development of IT Risk Framework:
  • Develop and update an inventory of IT controls while mapping those controls to the COBIT 5 framework sub sections.
  • Develop and update an IT risk hierarchy.
  • Develop and update an inventory of IT risks while linking those risks to the inventory of IT controls.
  • Determine the ownership of each IT risk by linking them to one or multiple sub business units and validate this ownership with the IT managers.
  • Develop and update a register of IT risk events while linking those events to the inventory of IT risks.
  • Interact on a monthly basis with the technical teams, to get the data for the technical key risk indicators and include them in the monthly dashboard with the other indicators.
  • Design the different steps of an annual IT risk assessment process and assist through his initiation and implementation.
  • Produce the detailed requirements to implement all the above in a technical tool.
  • Constantly meet with the technical team, to make sure all the requirements (including the different workflows) are understood and on track to be delivered in the tool.
  • Make sure the deliverables are matching the internal audit and FED expectations.

Qualifications

  • Have a Bachelor’s Degree or higher level of education.
  • Must have strong Excel Skills Including: vlookups, vlookups returning multiple values, pivot tables
  • Knowledge of PowerPoint
  • Strong communication skills and ability to work with and face off with key stake holders in an organization
  • Proven experience of writing and assessing risk controls
  • Optionally, some IT technical knowledge (legacy asset management, patch management, internal & external vulnerability scans, malware and antivirus, basic networking concepts).
  • Optionally, COBIT 5.0 framework general concepts.
  • Planning and organizing
  • Strong Team player
  • Fast self-learning
  • Attention to technical detail, critical thinking
  • Technical understanding of IT infrastructure and IT Risk processes (business continuity and disaster recovery principles, internal and external IT audit, IT incidents including change management and capacity planning, threat intelligence)
  • Project management skills, ability to prioritize



Additional Information

  • Limited travel: Clients are based in NYC
  • Open to Contractors on W2 or full time employee’s
  • Ideally individual lives in tri-state area – No Relocation

All your information will be kept confidential according to EEO guidelines.


Sia Partners is an equal opportunity employer. At Sia Partners, we are committed to treating all Applicants and Associates fairly based on their abilities, achievements, and experience without regard to race, national origin, sex, age, disability, veteran status, sexual orientation, gender identity, or any other classification protected by law. 

Privacy Policy