IT RISK MANAGER SKILLS, EXPERIENCES, AND JOB REQUIREMENTS

Published: Nov 13, 2025 - The Information Technology (IT) Risk Manager possesses extensive experience in risk management, audit, and IT control frameworks within regulated environments. This role requires strong analytical, communication, and organizational skills to ensure effective collaboration across teams and compliance with industry standards such as SOX and ERP system controls. The manager also ensures the consistent delivery of high-quality risk oversight, control assurance, and regulatory alignment within dynamic operational settings.

Essential Hard and Soft Skills for an IT Risk Manager Resume
  • Risk Assessment
  • Risk Management
  • Compliance Management
  • Audit Planning
  • Data Analytics
  • Policy Development
  • Cyber Resilience
  • Process Improvement
  • IT Governance
  • Control Design
  • Stakeholder Management
  • Communication
  • Collaboration
  • Relationship Building
  • Strategic Communication
  • Team Leadership
  • Risk Culture
  • Advisory
  • Stakeholder Engagement
  • Team Development

Summary of IT Risk Manager Knowledge and Qualifications on Resume

1. BS in Computer Science with 8 years of Experience

  • Experience providing impactful risk and internal control audit and advisory services
  • Must have a CPA, CIA, CISA or other relevant certification 
  • Experience assisting with establishing and operating high-performing Sarbanes-Oxley compliance programs and internal audit functions
  • Experience assessing and designing efficient and effective internal controls that address strategic, operational, reporting, and compliance risks across financial, operational, administrative and information technology (IT) processes
  • Ability to, and passion for, developing and expanding relationships with current and prospective clients
  • Experience participating in engagement pursuits, and preparing impactful materials in response to Requests for Information (RFI), Requests for Proposals (RFP) and other client engagement opportunities
  • Strong written and oral communication skills
  • Strong supervisory, leadership development and collaboration skills
  • Contribute to the development and advancement of solutions, capabilities and thought leadership
  • Experience with analytics and visualization, and presentation approaches and solutions
  • Experience in the life sciences, manufacturing / industrial products, professional services or energy industry
  • Experience working with organizations that utilize SAP, Workday, Oracle or Infor 

2. BS in Cybersecurity with 9 years of Experience

  • Must have industry-recognized certifications such as CRISC and/or CGEIT
  • Working experience in Information Technology Risk Management roles in Banking or Financial Services
  • Working experience in a Managerial/Supervisory role
  • Extensive knowledge of and experience in Information Technology Governance, Risk, and Compliance
  • Must have strong leadership skills
  • Strategic mindset, with excellent knowledge and understanding of the financial industry
  • Highly developed ability for conceptual thinking
  • Excellent communication and presentation skills
  • Well-developed impact and influence skills
  • Proven track record of building strong relationships across business functions
  • Extensive knowledge and experience in regulatory guidance, most importantly for the FDIC, CFPB, and FFIEC requirements and supporting guidelines
  • Strong presentation skills, in anticipation of audiences with varying IT knowledge
  • Ability to adjust presentation details based on the audience
  • Demonstrated ability to interact effectively, internally, and externally, with the most senior representatives of the Bank, other organizations, regulators, and vendors
  • Strong Microsoft Excel, PowerPoint, and report writing skills, including the ability to evaluate the usefulness of data and use it in meaningful communication

3. BA in Business Administration with 7 years of Experience

  • Proficient and up-to-date knowledge of information technology and risk management
  • Able to bring this knowledge together to ensure a highly effective ITRM function for GTS that provides subject matter expertise for senior management, enabling risk-based IT decisions and helping to prevent significant IT risk events
  • IT audit or IT risk management experience within the financial services industry
  • Excellent communication skills, both verbal and in writing
  • Strong program and people management capabilities
  • Strong understanding of IT architecture, cloud (AWS), security, and COBIT
  • Strong understanding of Enterprise Risk Management (ERM) and regulatory requirements, including GDPR
  • Strong advisory skills and diligent in meeting obligations
  • Effective leadership qualities to safeguard the IT risk profile of GTS and to set and manage the delivery of the ITRM annual plans
  • Effective advisor and challenger to GTS (senior) line management
  • Ability to set and foster a strong IT risk management culture
  • Demonstrates accountability and meets obligations
  • Strong focus on internal and external customers
  • Strong analytical skills to resolve challenges

4. BS in Information Systems with 5 years of Experience

  • Work experience in a similar consulting practice or function servicing cross-industry clients at a national level
  • Must have CISA, CISSP, CIA or CISM license/certification
  • Experience performing technology risk assessments and audits, operational internal audits, as well as process control reviews
  • Strong experience in staff and audit management in an integrated client service team
  • Ability to manage and develop staff in a highly interactive team environment
  • Exceptional client service and communication skills with a demonstrated ability to develop and maintain outstanding client relationships
  • Ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment
  • Strong leadership, business development, recruiting, training, coaching, and mentoring skills, coupled with excellent written, interpersonal, and presentation skills
  • Good familiarity with IIA’s Standards
  • Working experience in Practice development

5. BS in Information Technology with 6 years of Experience

  • IT audit and/or IT risk management experience at a Big 4 firm, a financial services company or other regulated organization
  • Hands-on experience with SOX audit and experience in performing tests of design and effectiveness over IT controls
  • Experience with a strong understanding of various Technology Functions
  • Ability to effectively complete control testing work papers, collect supporting evidence from different stakeholders and share the testing results with control owners to work on defining action plans to remediate the gaps
  • Capability to work on multiple tasks simultaneously with minimal direction in in fast-paced environment
  • Proactive, strong interpersonal skills
  • Proficient in Microsoft Excel and PowerPoint
  • Must have professional certifications, such as CGEIT, CISA, CISM, CISSP, CRISC
  • Experience with using or implementing GRC tools
  • Working knowledge of (or willingness to learn) key regulations within risk management and financial services industry, such as FFIEC, GLBA, GDPR, PCI
  • Familiarity in IT risk and compliance activities and general understanding of industry frameworks (such as COBIT, ITIL), and technology (Oracle database, Active Directory)

6. BS in Network Engineering with 8 years of Experience

  • Working knowledge of Cloud Security Framework, General Data Protection Requirement (GDPR), COBIT 5, PCI DSS, ISO 27001/2, HIPAA, California Consumer Protection Act (CCPA), NIST 800-171/800-53/NIST 800-37 required
  • Background and understanding of the risks and controls in technologies such as web, cloud, client/server, open systems architecture, data warehousing, and imaging
  • Proficient understanding of Cloud security, Identity and Access Management, ERP, Operating Systems, Databases, and Network Infrastructure components
  • Knowledge of risks and controls in emerging technologies based on Blockchain, Internet of Things (IoT), and Artificial Intelligence 
  • Experience managing simple and complex information technology internal audits
  • Experience managing teams of various sizes across geographical boundaries
  • Demonstrated ability to manage client engagements and supervise staff
  • Must have CISA, CISSP, CCSK, CIPP, or CRISC 
  • Experience in Risk management
  • Experience with complex (international) stakeholder management
  • Senior knowledge in Business Continuity Management, Information (Cyber) Security, IT Risk, Outsourcing (Cloud) risk and Identity Access Management
  • Excellent oral and written communication skills in English and Dutch

7. BA in Management Information Systems with 7 years of Experience

  • Experience in Risk Management, Risk Advisory, Internal Audit, External Audit, Finance, Actuarial or Compliance
  • Knowledgeable in the Financial Services industry, especially insurance
  • Experience in an Information Security and Risk Management role
  • Must have a thorough understanding of critical infrastructure security management standards, including ISO/IEC 27001 / 27002, PCI DSS, SOX/JSOX, and NIST
  • Understand the trade-offs to manage the different levels of risk tolerance and risk exposure across the organization and balance this with risk investments
  • Must know security process frameworks, compliance and risk requirements and regulations, with particular regard to data privacy and protection
  • Proven track record of implementing successful risk management and security control programs
  • Strong written and verbal presentation skills
  • Strong project and time management skills
  • Able to "think outside the box" and provide both scenarios and solutions to the business to enhance the IT Risk and Security function
  • Must have one or more of the following industry certifications: CISSP, CISA, CISM, NIST CFP
  • Experience in facilitating workshops and developing and conducting presentations and training for both business and technical audiences

8. BS in Computer Engineering with 8 years of Experience

  • Possess recognized certificates of Enhanced Competency Framework for Banking Practitioners (e.g., CISA, CISSP, CRISC, CGEIT, CCSP)
  • Working experience in the banking industry
  • Working experience in technology risk management, technology compliance or technology audit review
  • In-depth understanding of the HKMA’s and other regulatory requirements
  • Experience in Technology Risk, Technology Audit or related field
  • Experience with SSAE16/ISAE3402/AAF reporting requirements
  • Working knowledge of Tableau or other data visualisation tools
  • Experience in presenting and articulating risks to senior stakeholders
  • Must be comfortable with navigating ambiguity to extract meaningful insights
  • Experience working in or migrating organisations into the Cloud
  • Must have qualifications such as CRISC, CISA, and ISMS Auditor
  • Knowledge of Agile change delivery methodology
  • Knowledge of DevOps and Shift Left concepts

9. BA in Finance with 9 years of Experience

  • Experience in Compliance, Internal Audit, Risk Management, Financial Services, Process Improvement, or related field
  • Experience in Risk Management, Financial Services, Process Improvement, Information Technology, Audit, or related field
  • Working knowledge and deep understanding of Technology and its management lifecycle
  • Experience in Risk Management, Financial Services, Process Improvement, Information Technology, Audit, or related field, including people management
  • Must have CRISC, CGEIT, CISA, CISM, CISSP
  • Working knowledge of Technology and risk constructs aligned to the COBIT framework including IT Service delivery Orchestration, Enterprise Architecture, Cloud deployment models and associated security risks
  • Knowledge of technology risk programs and processes including Audit and Assessment reviews, Change Management, SDLC, KRIs and KPIs reporting
  • Technical knowledge of reference architecture, container orchestration, DevSecOps construct including CI/CD pipeline and tools
  • Sound understanding of networking topologies, security tools, and microservice application architecture
  • IT risk experience within Financial Services
  • Experience with IT Architecture and Security Design
  • Solid understanding of GDPR and information governance
  • Knowledge of Cloud Technologies
  • Strong track record of building and maintaining relationships across internal and external lines of business and business partners

10. BA in Management Information Systems with 7 years of Experience

  • Experience in an Information Security/GRC role
  • Experience in an IT Risk Management Role
  • Experience in Healthcare, Pharma or Bio-Technology organization
  • Strong project management skills to simultaneously work on multiple projects concurrently
  • Experience with managing a GRC tool support life cycle
  • Strong written and oral communication skills with the ability to explain technical ideas to non-technical individuals at any level
  • Adaptable to shifting priorities, demands, and timelines through analytical and problem-solving capabilities
  • Able to react to project adjustments and alterations promptly and efficiently
  • Ability to lead a team and collaborate with other leaders throughout the organization
  • Ability to effectively prioritize and execute tasks in a high-pressure environment
  • Knowledge of Information Security standards (ISO/IEC 27001, 27002, NIST CSF, NIST SP 800-53, CIS Controls)

11. BA in Economics with 6 years of Experience

  • Experience in different roles within Security, Risk Management, Audit or Information Technology in a complex organization in the financial sector
  • Experience in specialized IT-risk related topics (including Business Continuity Management, Outsourcing, cloud, DevOps, emerging technologies, project management, data analytics)
  • Demonstrable experience with the practical application of IT Risk Frameworks
  • Proficient in the Dutch and English languages, both verbally and in writing
  • Excellent team player, easily cooperating with colleagues from different departments
  • Experience in Project Management and/or Consultancy
  • Knowledge of the Rabobank organization
  • Must have Risk Management Certifications
  • Substantial experience in a security risk management role
  • Deep understanding of security risk assessment concepts
  • Ability to create professional management reports, security policies and standards
  • Experience creating and/or delivering security awareness training programs
  • Familiarity with major security standards and compliance frameworks (eg, ISO27001, NIST)
  • Ability to work to own initiative

12. BS in Computer Science with 8 years of Experience

  • Must have relevant professional certification (CISA or equivalent) 
  • Experience in IT risk management, with relevant knowledge of the Information Security industry
  • Strong expertise in the development and analysis of IT Risk assessments for Enterprise Risk Appetite and Executive Reporting
  • Solid knowledge and experience in the Security risk management framework
  • Experience in developing Risk Scorecard and Risk Reporting for Executive Management and the Board
  • Experience in deep diving to develop an understanding of the business and the applicability of the IT risk management framework
  • Experience implementing and maintaining processes to support IT risk programs
  • Experience navigating through ambiguity
  • Excellent verbal, written, and interpersonal communication skills
  • Ability to work effectively in a team environment and across different organizational levels, where flexibility, collaboration, and adaptability are important
  • Ability to prioritize work, meet deadlines, achieve goals, and work under pressure in a dynamic and complex environment
  • Excellent knowledge of Microsoft Office Suite and GRC tools
  • Big 4 experience in Risk Management in Information Technology

13. BS in Information Systems with 5 years of Experience

  • Experience in Risk and Compliance
  • Prior experience and understanding of ITGC, PCI DSS, Data Privacy, and Information Security
  • Project Management and resource management experience
  • Experience with driving compliance remediation efforts
  • Prior experience developing and delivering presentations to C-level executives
  • Ability to influence and communicate across all business levels 
  • Strong problem-solving skills, strong analytical ability, and the ability to decipher and understand team dynamics
  • Must be able to adapt to quickly changing situations
  • Solid computer skills, with advanced PowerPoint skills and strong business computer applications

14. BA in Business Administration with 7 years of Experience

  • Work experience in IT Risk Management, IT Security Standards and IT Compliance
  • Good command of English both written and spoken
  • Background in IT From the Banking Industry
  • Possess Leadership skills and Team Management
  • Good command of Microsoft Office usage
  • Excellent written and verbal communication and presentation skills
  • Strong analytical and evaluation ability, and problem-solving skills
  • Strong interpersonal skills, able to establish credibility at all levels
  • Strong persuasion and influencing skills
  • Self-motivated team player able to work effectively with diverse client groups and also on own initiative
  • Strong planning and organizational skills
  • Significant broad IT experience, at least some of which has been in a security role
  • Good working knowledge of Information Security and SOC1 and SOC2, ISO 27001, PCI DSS, HITRUST, My CSF, GLBA, HIPAA principles and practices
  • Broad awareness of hardware/software security products

15. BA in Risk Management with 6 years of Experience

  • Proven track record of successful delivery in a similar role, ideally within a large financial services company
  • Strong experience of the PRA/FCA approach to risk management
  • Thorough understanding of current best practice relating to the management of operational risk within IT, change and security risks
  • Strong working knowledge of the wider financial services industry with a track record of working with and providing oversight to 3rd parties
  • Experience of working in a project environment
  • Well-versed in acting as a leader with the ability to influence and drive change
  • Industry qualifications/knowledge, e.g., ACA/CA/ACCA/CIMA/CMIIA, CISA, CRISC, SOx, COSO, COBIT, ITIL, and ISO27001
  • Corporate risk management, consulting, or related experience
  • Knowledge of privacy laws and regulations (GDPR, PCI-DSS, HIPAA)
  • Knowledge of IT controls frameworks (NIST, ISO 270xx, CIS)
  • General knowledge of IT systems (applications, operating systems, databases, infrastructure)
  • Experience working in an AWS, Azure, or GCP Cloud environment
  • Must have CISA certification

16. BS in Computer Engineering with 8 years of Experience

  • Experience in cybersecurity consulting in a consulting firm, federal government and/or corporate environment
  • Proven experience with, or extensive knowledge of, some of the following: cybersecurity policy or strategy development, digital risk management, security assessments, implementing and running cybersecurity programs, cyber supply chain risk management/third party risk management, identity management, data protection, cyber threat management, privacy, cybersecurity workforce development, cybersecurity awareness and training methods, business resilience
  • Broad knowledge of cybersecurity technologies throughout the acquisition lifecycle
  • Working knowledge of cybersecurity or risk management frameworks, e.g., NIST Cybersecurity Framework, ISO/IEC 27000 family, ISM, PSPF, COBIT, COSO
  • Knowledge of cybersecurity for Cloud, Big Data, ICS and Mobile environments
  • Knowledge and experience with industry cybersecurity regulatory environments
  • Ability to write proposals, reports and develop client presentations
  • Ability to present to senior management groups for both training and reporting purposes
  • Broad generalist digital/technology skills and knowledge
  • Excellent communication, client-facing and consulting skills
  • Strategic mindset, presence and gravitas
  • Must have relevant cybersecurity certification such as CISSP, CISM, CRISC

17. BS in Information Assurance with 6 years of Experience

  • Experience in an applicable IT risk management environment (public accounting, external audit, or internal audit)
  • Equivalent experience in internal control assessment or financial reporting roles 
  • Experience with financial institutions
  • Excellent written and verbal communication skills to effectively interact with business lines, audit teams, and program management
  • Knowledge of applicable laws, regulations, and regulatory trends that impact financial institutions
  • Proficient analytical abilities to analyze business processes and determine their impact on operations and financial reporting
  • Demonstrated leadership in a risk management or banking environment
  • Strong analytical, problem-solving and negotiation skills
  • Proficient in computer skills, especially Microsoft Office applications
  • Working experience in the field of information technology, information security as well as in dealing with compliance aspects or performing IT audits
  • Possess knowledge of relevant risk and security-related standards (e.g., ISO/IEC 270xx)
  • Must have a doer and team-player mentality, a strong sense of ownership and project-management skills
  • Able to come up with creative solutions quickly and improve them over time, following the 80/20 principle

18. BA in Operations Management with 5 years of Experience

  • Experience in Risk Management 
  • Experience and understanding of cybera and information security, compliance, and risk
  • Knowledge of risk frameworks
  • Understanding of ISO27001, ideally possess ISO 27001 Lead Auditor certification
  • Experience of working across diverse, cross-functional and multi-level teams to deliver team objectives
  • Strong communicator, both verbal and written, able to manage a diverse range of stakeholder needs and personalities
  • Self-motivated individual with a passion to make a real difference in how risk management is managed across TSS
  • Excellent analytical, assessment and presentation skills
  • Highly organised, able to approach and organise workloads in a structured way, ensuring that priorities are managed and deadlines are met
  • Ability to influence at all levels of the organisation
  • Working knowledge of Outlook, MS Word, PowerPoint and Excel 

19. BA in Accounting with 7 years of Experience

  • Exposure to risk management for infrastructure environments at an enterprise scale (e.g., IT Security, Cyber Security, Security Operations, Governance)
  • Previous experience with technology controls programs and risk domains (e.g., change management, SDLC, information security practices, COBIT / ITIL frameworks)
  • Working knowledge of agile methodologies and organizational principles
  • Exceptional verbal and written communication skills, including the ability to translate requirements effectively and coordinate team discussions
  • Must be extremely detail-oriented, very organized and value the integrity of the data
  • Strong analytical and problem-solving ability, capability to switch context quickly and work on multiple streams of work concurrently
  • Ability to build and sustain relationships with individuals at all levels of the organisation and leverage this to achieve work-related objectives
  • High proficiency with MS Office productivity tools (Word, PowerPoint) with advanced skill in data manipulation using Excel
  • Risk, regulatory and/or compliance consulting
  • Experience with investment banking technologies
  • Experience of auditing within a technical environment
  • Working knowledge of Operational Risk and associated regulations (e.g., Basel, SOX)
  • Working experience in Project Management (e.g., PMP)
  • Must have industry-recognized risk-related qualifications (e.g., SOC, CISSP, CISM, CISSP, CISA) 

20. BS in Systems Engineering with 10 years of Experience

  • Advancing risk management acumen to include growing ability in the design and application of controls, as well as the identification and articulation of risks including technology, resiliency, cybersecurity, data management, service delivery, and SDLC
  • Experience working through organizational change
  • Ability to apply cultural and local market considerations in analysis
  • Demonstrated ability to influence meaningful change, including a successful record of accomplishment aiding a move forward with emerging technologies, ecosystems, or new partnerships
  • Ability to connect, build relationships and influence business leaders across all levels
  • Demonstrated success executing IT operational risk assessment and self-testing activities
  • Experience building, leading and executing a 1st line risk program focused on technology process, risk and control self-testing
  • Must have technical acumen related IT processes, practices, and capabilities
  • Subject matter expertise in the components and risks related to cloud, information security and cyber, agile development methodology, computer and network infrastructure, and privacy
  • Experience executing process and control testing focused on assessing design and operating effectiveness
  • Background in executing risk assessments that would include identifying and determining the level of risks related to people, financial, information, technical, third-party, etc.
  • Experience working through change, ability to apply cultural and local market considerations in analysis
  • Demonstrated ability to influence and significant change, including a successful track record in evaluating and assisting to move forward with emerging technologies, ecosystems or new partnerships
  • Strong verbal and written communication skills, including the ability to connect, build relationships and influence business leaders across all levels
  • Must have CISSP, CRISC, CISA, and CISM certifications

21. BS in Database Management with 6 years of Experience

  • Experience in a similar role in financial or banking services
  • Hands-on experience in technology and information security processes
  • Practical knowledge of key principles of Operational Risk management
  • Strong analytical skills with the ability to solve problems independently and drive tasks to completion
  • Advanced Excel skills, including data import, pivot tables, lookups, and data analysis
  • Strong written and verbal communication skills with the ability to summarize complex information clearly for senior technical and non-technical audiences
  • High level of attention to detail and focus on precision
  • Good interpersonal skills, with an ability to navigate complex organizations and build relationships
  • High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
  • Proficient with data analytics and reporting
  • Prior experience working in a large bank
  • Understanding of risk assessment methodologies, internal controls and industry technology risk management frameworks
  • Knowledge of the FFIEC IT Handbooks, and related laws and regulations including OCC Heightened Standards for Large Banks, 12 CFR 30 Safety and Soundness Standards
  • Familiarity with data analysis tools such as QlikView, Tableau or Power BI Education

22. BA in Public Administration with 7 years of Experience

  • Delivery-oriented person who provides reliable reporting promptly
  • Effectively mentor colleagues to improve the IT Risk within the DARE environment
  • Adapt to change in a fast-paced environment
  • Effective and able to negotiate and influence others to deliver appropriate IT security and risk components in business outcomes (within DARE central team, local entities, and within IT Risk and Security functional line)
  • Motivated by delivering to tight deadlines for a variety of stakeholders and stays calm under pressure
  • Effectively and constructively deal with conflict
  • Efficient and effective through their ability to multitask and organizational skills
  • Self-starter who is comfortable in using their own initiative
  • Supports quality outcomes through their high attention to detail
  • Excellent verbal and written communication skills in English
  • Previous technical domain experience to include Architecture, DevOps, Security, Application Development and/or Infrastructure/IT Ops, etc.
  • Primary responsibilities are focused on key program pillars including the risk assessment process, due diligence, and ongoing monitoring
  • Experience working with Risk, Security or Audit frameworks
  • Experience evaluating IT Architecture design for infrastructure, virtualization, cloud technology and business technology architecture for financial institutions
  • Able to develop and recommend strategies and tactical approaches that streamline activities and increase productivity to eliminate bottlenecks as the scope of the area’s responsibilities expands

23. BS in Cybersecurity with 9 years of Experience

  • Strong awareness of the balance between risk, control and growth
  • Able to translate complex technical terms into simple business language
  • Self-motivated and able to generate new ideas
  • Strong Stakeholder Engagement skills
  • Strong experience in technology transformation and delivering at pace
  • Strong awareness of Technology and Cyber risk management best practices
  • Experience with data and digital transformations
  • Experience in conducting thematic risk assurance assessments
  • Strong report writing skills and an ability to present complex subjects simply
  • Working experience in Financial Services 
  • Experience with eGRC systems
  • Experience in financial services
  • Must be an experienced leader and a proven IT risk specialist
  • Knowledge of IT risk assessment and controls management, including an understanding of industry frameworks
  • Proven experience building and leading a team of risk experts and experience interacting and delivering on Regulatory reviews
  • Effective relationship management, communication and influencing skills both written and verbal, at senior levels
  • Proven understanding and demonstrable experience of financial services industry products and regulations at a senior level

24. BS in Network Engineering with 8 years of Experience

  • IT experience to include Cloud and VM
  • Hands-on experience in IT Risk and Security
  • Proven track record in a similar role within a global IT environment and can demonstrate a strong hands-on approach and first-line experience
  • Demonstrate they can solve complex problems and then effectively communicate this information to a variety of stakeholders with varying levels of IT knowledge or experience
  • Proven team player who is proud of their craft and contribution to customers
  • Demonstrate a positive can-do mind-set
  • Cersatile and has mature IT skills
  • Experience in a DevOps culture and is eager to learn new technologies
  • Working experience with application assessment, vulnerability scanning, security testing, DLP, SIEM, and Cloud security
  • Understanding incident management and forensics for security-related issues
  • Excellent document and reporting skills
  • Able to work without clear direction to achieve results
  • Able to work well under pressure, keeping a well-composed image
  • Experience in a similar role at a Big Four company or consulting firm
  • Excellent written and spoken communication skills in English, French and German 
  • Self-starter who wants to push things to the market

25. BA in Economics with 6 years of Experience

  • Must have CISA, CISM, or equivalent qualification
  • Experience in Risk and Governance Domain
  • Strong Knowledge of Information Security domains and Cloud Security process
  • Proven experience in implementing an IT Risk Governance Framework in a global context
  • Strong relationship-building capability
  • Strong communication skills, both written and verbal
  • Proven experience in managing an effective working relationship with audit departments, and challenging
  • Strong appreciation of the governance processes and challenges
  • Strong appreciation of the IT infrastructure and application area in a complex environment
  • Proven experience in leading and managing teams in a diverse and extended logistical environment
  • Good commercial awareness and understanding of providing TCO models

26. BA in Management Information Systems with 7 years of Experience

  • Ability to clearly identify, assess and express risks, relating them to the wider business context
  • Understanding of risks and controls relating to the governance and management of IT as well as the technology itself
  • Excellent stakeholder management and collaboration skills
  • Able to be confident in presenting IT quality and risk position and recommendations to both and IT and business audience
  • Able to be a business-focussed, creative, innovative, pragmatic and positive team player
  • Ability to thrive in a fast-paced environment and independently manage priorities and challenges to balance delivery across multiple initiatives, stakeholders, etc.
  • Knowledge of topic-specific frameworks and methodologies in areas such as Information Security (NIST, ISF, ISO 27001), IT architecture (e.g., TOGAF), software development and testing (e.g., TDD, BDD), Service Delivery (e.g., ITIL), etc.
  • Experience in a large and complex organisation
  • Good knowledge and experience in risk and regulatory landscape, operational IT, business knowledge and operational risk and compliance frameworks
  • Working knowledge of technology program/project management
  • Adaptive influencing and relationship-building skills across senior stakeholders and peers
  • Excellent problem-solving skills
  • Strong skills in planning, project management and attention to detail
  • Ability to work under pressure with shifting priorities in a dynamic work environment

27. BA in Finance with 9 years of Experience

  • Outstanding customer relationship management experience and collaboration skills
  • Demonstrated ability to think strategically about business, product, and technical challenges
  • Experience with leading solution delivery in multiple security areas such as IAM, Incident Response, Compliance, Data Protection, or DevSecOps
  • Experience delivering Consulting / Professional Services in leadership and execution roles
  • Direct people management, leading a team of technical resources, and cloud security engineers
  • Highly strategic and analytical, possessing 6 or more years of relevant IT experience
  • Strong understanding of Global Fortune 500 enterprise customers and partners' operations, technology, and processes
  • Demonstrated ability to think strategically about cloud business, product, and technical security challenges
  • Experience with the design of modern, scalable delivery models for technology consulting services
  • Enterprise security solution implementation and operations experience, including identifying the relationships between business services, information, applications, and global infrastructure assets
  • Strong verbal and written communication skills and ability to lead effective cross-organizational, geographically distributed teams
  • Skilled at explaining complex technical issues in terms understandable by the business
  • Strong sense of ownership, urgency, and drive
  • Ability to make concrete progress in the face of ambiguity and imperfect knowledge (avoid “analysis paralysis”)
  • Sharp analytical abilities and proven design skills
  • Experience providing training and mentorship
  • Familiarity with compliance and security standards including PCI DSS, ISO 27001, and NIST

28. BS in Computer Engineering with 8 years of Experience

  • Experience in a similar role and/or working in a risk management/audit environment or financial services entity
  • Good understanding of the NIAC and BoI Group's key businesses, priorities and challenges, in addition to the regulatory environment in which NIAC operates
  • Strong communication, organisational and influencing skills, including the ability to interact effectively at all levels, both internally and externally
  • Proven track record that demonstrates integrity, resilience, good judgement and independence
  • Ability to work individually and in an agile and flexible team-based environment
  • Proven ability to deliver high-quality work within ambitious timelines
  • Multiyear IT Risk and Control experience in an Operational Risk environment
  • Proven track record working in Risk Management / LOD / IT functions
  • Proven track record working with regulators/auditors
  • Thorough understanding and implementation experience of IT Risk and Control frameworks
  • Knowledge and understanding of auditing and controls and experience working with IT operating procedures in the pharmaceutical/biotech industry
  • Experience in information and IT services including knowledge of auditing principles, auditing standards and Sarbanes-Oxley (SOX) requirements
  • Experience working with IT general computer controls
  • Knowledge of application access and configuration controls and reviews in an Enterprise Resource Planning (ERP) application environment (e.g., Oracle EBS) 

29. BA in Operations Management with 5 years of Experience

  • Experience in leading IT Security, IT Risk and Compliance, or similar
  • Knowledge of ISO27001, ISO27701, SOC1, PCI, SOX, cloud technologies, and data protection regulations and requirements for Japan
  • Background in either the more traditional financial services industry, fintech, or related industry
  • IT Controls Framework development or working knowledge
  • Experience of working with or within IT internal audit/external audit teams, particularly within a big 4 or similar environment
  • Knowledge of ERP systems, particularly SAP
  • Knowledge of Sarbanes-Oxley (SOX)
  • Excellent interpersonal, communication and presentation skills
  • Strong analytical and problem-solving skills, being able to decipher sometimes complex information, analyse and report on for different audiences
  • Organised, methodical and capable of managing multiple projects at once
  • Working experience in  Financial Services or Retail 

30. BS in Digital Forensics with 7 years of Experience

  • Advanced knowledge of ETRM solutions and architecture
  • Advanced knowledge of the software development lifecycle
  • Advanced knowledge of risk management functions and data
  • Advanced knowledge of project management
  • Advanced knowledge of system integration
  • Intermediate knowledge of cybersecurity and infrastructure concepts
  • Advanced knowledge of business continuity planning and support
  • Advanced customer focus skills
  • Advanced accuracy skills
  • Advanced stakeholder management skills
  • Advanced vision creation skills
  • Must have certification in any of the following: CRISC, CISA, CISSP, CISM, CIA, PECB (ISO)
  • Must have ITIL (Foundation) certification
  • Experience with relevant IT, risk, auditing, governance and compliance experience and/or management experience
  • In-depth knowledge of security issues, techniques and implications across all existing computer platforms
  • Experience in the financial services industry
Relevant Information
IT Service Manager Skills, Experience, and Job Requirements
IT Delivery Manager Skills, Experience, and Job Requirements
IT Support Manager Skills, Experience, and Job Requirements
IT Security Manager Skills, Experiences, and Job Requirements