Risk Reviewer

Job Title : Risk Reviewer

Location : Tampa, FL ( Remote )

Duration : 12+ Months

Job Summary

Application Readiness Risk Reviewers are responsible for the initial review of ARR tickets. They need to be detail-oriented and check the accuracy of technology and design information. Their tasks include talking to customers to clarify questions, getting answers to open issues, guiding next steps, and setting up meetings. They work with AR Risk Managers and AppSec Architects to update on progress, raise IT security concerns, and document their work in the SNow AR Ticket system. Good communication, customer service, and organizational skills are essential to manage multiple reviews effectively.

Mandatory Skills:

• Customer service skills to create an exceptional customer experience
• Strong organizational and time management skills to support multiple concurrent reviews
• Self- Awareness
• Quick Learner (ability to integrate training and coaching received into action)
• Asks questions to deepen their understanding of our processes, the business, and solutions
• Knowledge of the Information Security Policy, Application Readiness Standard, & Applicable Supporting Standards Understand the purpose of Application Readiness process
• Ability to interact with customers, and ensure customers understand what actions they need to take
• Ability to assess whether a control is 'met' or 'not met' (black and white)
• Ability to review documentation analytically and assess control compliance based on information/ documentation provided.
• Ability to evaluate complex data and determine whether data can be used to support the reviews being conducted
• Ability to pull facts and details related to controls from different types of documentation and diagrams submitted
• Interface with customers to ask clarifying questions, prompt for responses to open items, provide guidance on next steps, schedule meetings
• Interface with AR Risk Manager(s) and AppSec Architects to provide status, raise flags/ concerns related to IT Security Risk
• Document work in the SNow AR Ticket
• Strong English written and verbal skills

Key Skills:

• Strong communication and organizational skills
• Ability to manage multiple projects and teams
• Problem-solving skills and strategic thinking
• Knowledge of information security policies and application readiness standards

Desired Certifications: But not mandatory.

• CISSP / CISM /CISA / CCSK / CCSP / CRISC
• Year of Experience: 3 - 10 years of experience in a relevant role

Roles & Responsibilities:

• Review tickets for inconsistencies in advance of ERV calls
• Validate ticket information in activity tab, known as validation block
• Schedule ERV calls
• Work with Risk Manager to understand questionable items and approach to ticket review
• Research previous tickets, including upstream and downstream relationships and for other firms and their results discuss inconsistencies with the Risk Manager
• Maintain and monitor a dashboard of your ticket status
• Monitor the activity tab for Customer communications
• Review and action pending items/responses in a timely manner (in line with SLOs)
• Participate in Team calls and ideation exercises
• Be able to communicate with Seniors and Stakeholders
• Review related CRS and SRT tasks and update record documentation accordingly
• Track progress of the ticket through the Issue Mgmt. Stage and know how to manage integration of ancillary NIS teams: Global Workspace; m365; Third Party Risk Mgmt.; Splunk; Business Continuity; Mobile Application Mgmt.; BISO/CISO teams