Tech Stack
Cyber Security, ServiceNow, Tableau
About the role
- Support risk identification, control evaluation, and process documentation across key business functions.
- Assist in development and maintenance of detailed process narratives and flowcharts for key business processes; collaborate with process owners.
- Assist in execution of comprehensive risk assessments; facilitate risk workshops and stakeholder interviews.
- Review and assess the design of internal controls and recommend enhancements.
- Design and execute test plans to evaluate operational effectiveness of controls; document test results and identify control deficiencies.
- Support remediation efforts and track progress.
- Facilitate collection, monitoring and reporting of Key Risk Indicators (KRIs); monitor KRI trends and produce reports for senior management and governance committees.
- Support development, documentation, and evaluation of internal processes, risks, and controls.
Requirements
- Experience in risk management, internal audit, compliance, or related functions.
- Degree in computer science, engineering, IT or equivalent technical degree.
- Strong understanding of internal control frameworks (e.g., COSO, SOX).
- Demonstrated experience in information security risk assessment and control evaluation.
- Familiarity with cybersecurity frameworks (e.g., NIST, ISO 27001) and regulatory requirements.
- Experience with risk taxonomy frameworks and criticality mapping, including the ability to classify and prioritize risks based on impact, likelihood, and business relevance.
- Experience with process mapping tools and risk assessment methodologies.
- Proficiency in data analysis and reporting tools (e.g., Excel, Power BI, Tableau).
- Excellent written and verbal communication skills.
- Ability to work independently and manage multiple priorities in a fast-paced environment.
- Preferred: Professional certifications such as CPA, CIA, CISA, CRMA, CISSP, or similar.
- Preferred: Experience in regulated industries (e.g., financial services, healthcare, energy).
- Preferred: Familiarity with GRC platforms (e.g., Archer, MetricStream, ServiceNow).
- Preferred: Strong communication skills working with users across the globe.