Job Description

The impact you will have in this role: As the IAM Risk Engineer you will be identifying, evaluating, and prioritizing risks to minimize, monitor, and control the probability or impact of unfortunate events or to improve the realization of opportunities. The role involves developing risk management strategies, implementing risk assessment methodologies, and ensuring compliance with regulatory requirements. Your Primary Responsibilities: Risk Management Planning: Identify and analyze risks to the business, including financial, regulatory, legal, and operational risks. Develop and implement risk management policies and procedures. Implement health and safety measures for risk prevention. Risk Monitoring: Continuously supervise risk management processes and controls. Review and update risk policies and practices to ensure they are current and appropriate. Compliance: Ensure compliance with regulatory requirements and internal policies. Keep abreast of legal and regulatory updates that may affect the organization. Stakeholder Engagement: Work with other departments to integrate risk management with company processes. Liaise with external risk consultants. Strategic Risk Management: Align risk management strategies with company objectives. Advise on the risk implications of strategic decisions. **NOTE: The Primary Responsibilities of this role are not limited to the details above. ** Qualifications: Minimum of 8 years of experience and/or equivalent expertise in technology risk management, cybersecurity, or a related field, focusing on risk assessment and mitigation Bachelors Degree and/or equivalent experience Talents Needed for Success: Excellent command of IT Risk Management organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with focus on recommendations for improvements or remediation Experience with implementation and oversight of technology risk and controls, coordination of activities for audits and assessing an IT controls environment and detail oriented, with experience evaluating processes, controls, and issues to resolve risks Subject matter authority on information security and technology risk management with understanding of IT control policies Confirmed experience in leading large teams, handling cross-functional projects, and implementing risk management policies and processes Proven understanding of industry regulations, guidelines, and best practices, such as NIST, ISO, FFIEC, and GDPR.