S&P Global Ratings
Reporting to the Senior Director within the Operational Controls and Remediation team (part of the S&P Global Ratings Chief Operating Office), this position will provide leadership for executing activities related to IT control assessments and monitoring. The role will support the development of first line risk management capabilities across the Ratings IT organization including managing a portfolio of work relating to designing and implementing IT controls, establishing quantitative monitoring of IT control operational effectiveness, and as needed assisting with the development and implementation of process improvements.
The candidate will coordinate globally across the S&P Global and S&P Global Ratings IT organizations and work collaboratively with other teams including control functions such as Compliance and Risk. Responsibilities will span the full life cycle of Information Control certification, from assessment through remediation and validation. The candidate must be able to follow-up on open items, develop meeting agendas and produce project plans and metrics to move initiatives forward.
Must be able to manage multiple project streams simultaneously. Activities will include planning and executing the assessment activities, participating in meetings, ensuring the appropriate level of management review on action items and responses, and tracking commitments to closure.
- Work with Technology leadership globally to identify and assess IT risk, develop risk mitigation procedures that strengthen IT controls, and ensure compliance with internal and external regulatory control requirements
- Track action plans to completion, monitor and report on IT risk IT control related issues and activities.
- Work collaboratively to develop control improvement plans in response to exam and audit findings
- Manage a portfolio of activities related to planning and executing the IT control assessment activities
- Validate self-assessment results and review applicable independent analyses
- Understand and convey IT control and risk management concepts to both technical and non-technical audiences
- Provide IT control expertise while working with business, control function, and IT stakeholders
- Align with other control assessment and exam activities across the organization
- Produce metrics, reports, dashboards, and escalation of items for attention
- Work in collaboration with other teams to build best practices
- Conduct reviews of current processes with recommendations on auditing, reporting and exception identification and remediation
- Review IT documentation
- Bachelors required, MBA or higher degree preferred
- 7 years of experience preferred
- Strong technical Information security and IT risk management background
- Possess expertise of key general IT controls and risk mitigation procedures
- Experience in the following areas: technology, project management; process management, IT audit and quality control
- Critical thinking and problem solving skills
- Ability to grasp complex concepts and synthesize effective solutions
- Demonstrated skills in tailoring presentations/communications to varied audiences (i.e. business vs. technical and working group vs. executive management)
- Track record of superior performance with emphasis on quality and timely delivery
- Ability to operate in a complex, fast paced, matrix environment; including the ability to influence and negotiate effectively with others
- Willingness to be hands-on and detailed oriented
- Experience in Technology Audit
- Experience in Financial Services
- Understanding of regulatory landscape for Technology
- Information Systems Auditor (CISA) and Certified Risk and Information Systems Control (CRISC) certifications preferred
About S&P Global Ratings
S&P Global Ratings is the world’s leading provider of independent credit ratings. Our ratings are essential to driving growth, providing transparency and helping educate market participants so they can make decisions with confidence. We have more than 1 million credit ratings outstanding on government, corporate, financial sector and structured finance entities and securities. We offer an independent view of the market built on a unique combination of broad perspective and local insight. We provide our opinions and research about relative credit risk; market participants gain independent information to help support the growth of transparent, liquid debt markets worldwide.
S&P Global Ratings is a division of S&P Global (NYSE: SPGI), which provides essential intelligence for individuals, companies and governments to make decisions with confidence.For more information, visit www.spglobal.com/ratings
To all recruitment agencies: S&P Global does not accept unsolicited agency resumes. Please do not forward such resumes to any S&P Global employee, office location or website. S&P Global will not be responsible for any fees related to such resumes.
S&P Global is an equal opportunity employer committed to making all employment decisions without regard to race/ethnicity, gender, pregnancy, gender identity or expression, color, creed, religion, national origin, age, disability, marital status (including domestic partnerships and civil unions), sexual orientation, military veteran status, unemployment status, or any other basis prohibited by federal, state or local law. Only electronic job submissions will be considered for employment.
If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person.
The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law.