Key responsibilities of this role include, but are not limited to:
- Develops, implements, and monitors KPIs to measure the effectiveness and efficiency of IT operations.
- Identifies and analyzes IT-related risks and assesses their potential impact on the organization.
- Develops and maintains an IT risk management framework that aligns with the organization's risk appetite and tolerance levels.
- Collaborates with other IT teams to ensure that risk management activities are integrated into IT processes and practices.
- Provides guidance and training to IT staff on risk management principles, processes, and practices.
- Develops and maintains an IT risk register to track identified risks, their status, and mitigation strategies.
- Coordinates and facilitates risk assessments, including identifying and engaging stakeholders, developing risk scenarios, and conducting risk analysis.
- Develops and maintains policies and procedures related to IT risk management, including risk identification, assessment, mitigation, and monitoring.
- Provides regular reports to senior management on the status of IT-related risks and mitigation activities.
- Participates in the development and implementation of IT-related business continuity and disaster recovery plans.
- Monitors compliance with IT-related laws, regulations, and industry standards.
- Develops and maintains relationships with key stakeholders, such as internal auditors, regulators, and external auditors.
- Coordinates and manages internal and external audits related to IT operations, including providing necessary documentation and responding to audit findings.
- Collaborates with other IT teams to identify and implement opportunities for process improvements and automation.
- Identifies and prioritizes IT-related projects and initiatives based on their potential impact on risk management and KPIs.
- Develops and manages budgets and resource plans for risk management and KPI activities.
- Ensures that IT-related contracts and agreements comply with the organization's policies and procedures.
- Develops and maintains a knowledge base of best practices and emerging trends in IT risk management and KPIs.
What we are looking for:
- A minimum of 3-5 years of relevant experience in a similar role will be helpful.
Having relevant certifications such as CISA, CRISC, CISSP, or ITIL may also be considered as evidence of knowledge and skills in this area.
- Strong analytical and problem-solving skills
- Excellent communication and interpersonal skills
- Project management and coordination skills
- Change management and stakeholder management skills
- Strategic thinking and planning skills
- Collaboration and team-building skills
- Attention to detail and accuracy
- IT risk management, compliance, and governance experience
- Developing and implementing KPIs and metrics experience
- Conducting risk assessments and developing risk management frameworks experience
- Managing and coordinating audits and compliance activities experience
- Managing budgets and resource plans experience
- Working with IT teams and cross-functional teams experience
- Communicating with senior management and external stakeholders experience
- IT risk management and compliance frameworks and standards knowledge
- IT-related laws, regulations, and industry standards knowledge
Our Values
If you want to know the heart of a company, take a look at their values.
Ours unite us.
They are what drive our success - and the success of our customers.
Does your heart beat like ours?
Find out here:
Core Values
- Diversity, Inclusion, Value & Equality (DIVE)
is our strategy for fostering an inclusive environment we can be proud of.
Check out Blue Yonder's inaugural
Diversity Report
which outlines our commitment to change, and our
video
celebrating the differences in all of us in the words of some of our associates from around the world.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.