Contingent Worker / Consultant - VP, IT Risk and Compliance

** This is a Consultant / Contingent Worker Position **

CIT is currently searching for a senior level IT Risk and Compliance professional to join our Systems and Technology Services department as a Contingent Worker / Consultant. Details on the position are as follows:

• Help to lead the development of a policy management process for policy creation, revision and exception management

• Review regulatory guidance on an ongoing basis to ensure that policies remain current and appropriate

• Participate in new system development and implementation reviews by reviewing project documentation, conducting interviews and assessing completed work to ensure that development efforts are in compliance with organizational policies, standards and procedures and that controls are adequately incorporated into systems

• Assist management in the identification and assessment of technology and business related controls for integrated IT and business auditing efforts

• Plan and perform assessments of information systems compliance with applicable policies, requirements and standards.

• Develop communications and training materials to ensure awareness, conduct review sessions as appropriate

• Develop metrics and produce regular reporting to highlight overall compliance with standards and communicate incidents and/or issues

• Ensure that all policy artifacts are housed in a shared repository that is accessible, thoughtfully organized and has appropriate levels of control to maintain data integrity.

• Identify areas of opportunity for process, control or cost improvement

Requirements:

• Bachelor’s Degree in Computer Science, Information Systems, or other related field; or equivalent work experience.

• Minimum of 10 years of professional experience in Information Technology Risk or related field.

• Strong analytical skills with solid working level knowledge of MS Excel, PowerPoint, Word and Project

• General familiarity with regulatory / audit policies as relate to technology organizations.

• Knowledge of Sarbanes-Oxley, FFIEC, ISO a plus

• Self-motivated individual with excellent verbal and written communications skills

• Ability to multi-task in a fast-paced environment.

The following are preferred

1.) Background in establishing risk metrics

2.) Ability to asses IT risk and determine associated corporate risk

3.) Experience in control areas such as data privacy, vulnerability assessment, operations, service delivery, information security, etc.

4.) Experience with regulatory requirements and regulations

5.) Strong Project Management and communication skills to work with various teams to drive understanding of risk concepts and creation of short term and long term strategies to fill metric gaps.

Hiring Policies - United States

CIT is an Equal Opportunity Employer. CIT policy prohibits discrimination of employees and applicants for employment. No aspect of employment with CIT will be influenced in any manner by race, color, religion, age, sex, national origin, marital status, disability, Vietnam veteran status, sexual orientation or any other basis prohibited by applicable law. CIT's policy applies to, but is not limited to, hiring, promotion, demotion, transfer, termination and compensation. CIT complies with applicable federal, state and local laws governing nondiscrimination in employment in every location in which CIT has offices.

Hiring Policies - Canada

CIT is committed to a workplace free from discrimination by providing equal treatment and equal opportunity to all of its employees and potential employees regardless of age, ancestry, citizenship, colour, religion, creed, ethnic origin, language, race, sex or sexual orientation, family status, marital status, physical disability/handicap, political belief or any other prohibited ground for discrimination. CIT complies with applicable federal, provincial and local laws governing nondiscrimination in every location in which CIT has offices.