- Location: Fort Worth, Texas
- Type: Contract
- Job #27261
Tarrant county client is looking for an IT Risk and Compliance Consultant.
Qualified candidate must have excellent people skills, and be good at building a rapport with partners and others.
This position reports to the Technology Services Risk & Compliance Manager and requires you to have in depth understanding of IT systems that support business processes to include application controls, database controls, network and infrastructure controls and software development controls. You will be expected to contribute and engage with Enterprise Security and Corporate Audit Services to ensure clear definition and compliance of SOX and General Controls for Technology Services working across multiple teams.
This position will:
*Collect, review and analyze data pertaining to information systems functions relative to Sarbanes-Oxley compliance. Assist the Manager in documenting and reporting control deficiencies upon discussion with Internal Corporate Audit and external auditors. Engage in recommendations to address the root cause of issues, and reporting on the status of implementation of management remedial actions.
*Participate and contribute to Risk Control Self-Assessment (RCSA) activities to verify the design and operating effectiveness of existing controls, document processes and procedures, review and analyze evidence, and identify and define issues for remediation.
*Drive the development of tools, automation, and practices to better support ongoing GRC services.
*Understand the broader context and implications (e.g., financial, legal, reputational, etc.) of the various types of risk affecting the technology function and make recommendations to address in advance of Audit findings.
*Proactively identify risks and trends, including data analysis in support of control reviews.
*Collaborate across Technology Services, Corporate Audit Services, and Business Teams.
*Assist with the tracking and management of remediation/mitigation action plans.
*Engage with teams to research and analyze technical and process centric requirements in support of new initiatives, continuous improvement, and remediation efforts.
*Provide feedback to Technology Services and Business stakeholders on regulatory/industry better practices regarding the establishment and operation of internal controls.
*Conduct audit or risk assessments of controls for cloud-based environments
In this role you will be expected to
*seek to understand the business and its control environment.
*create an environment that fosters trust, collaboration, inclusion, transparency, and teamwork.
*develop influential relationships based upon shared risk objectives and act as a change agent to influence our technology partners.
*possess a relentless focus on quality and timeliness to be able to adapt to a dynamic working environment with changing priorities.
*ask questions, test assumptions, and challenge conventional thinking.
*communicate clearly and interact effectively at all levels of the organization to influence as warranted and appropriate.
*work cross-functionally and individually.
Bachelor’s Degree with 5-10 years of relevant experience in the fields of Information Security, Information Technology Audit and Compliance, or Technology Risk Management
At least 4 years of experience developing, evaluating, or implementing Information Security or Technology controls
Expertise in SOX controls; design and evaluation
Experience auditing SAP
Experience performing technology audits, directing risk mitigation, and executing to audit action plans
Preference will be given to candidates with the following:
Certified Information Systems Auditor (CISA),
Certified Information Systems Security Professional (CISSP),
Experience in performing Risk and Control Self Assessments (RCSAs), controls, or assessments against established industry risk frameworks, including: the NIST Cybersecurity Framework, COBIT
Requires Technology Experience in the following areas:
This position will deal with confidential information on a regular basis and the ability to handle such information discreetly is required. In addition, the selected candidate must have the utmost personal integrity, business ethics and lead by example.
Collect, review and analyze data pertaining to information systems functions relative to Sarbanes-Oxley compliance. Assist the Manager in documenting and reporting control deficiencies upon discussion with Internal Corporate Audit and external auditors.
About The InSource Group:
The InSource Group supplies select information technology specialists to some of the area's most prominent companies. We are looking for candidates who can make an immediate, positive impact when placed with our clients.
The InSource Group's proven recruiting process ensures you are well matched with potential employers. Our account managers and recruiters have a depth of industry experience that enables us to place you in the optimal setting for your skill set and job requirements. We match candidates and clients so successfully, our client satisfaction on placements is greater than 99 percent.