Overview
The IT Risk Consultant plays a critical role in assessing and identifying risks within First Citizen Bank's Information Technology (IT) organization. The right candidate will be responsible for conducting IT and industry-specific risk assessments in alignment with Federal Financial Institutions Examination Council (FFIEC) guidelines, using broad technical expertise to evaluate the design and test the operational effectiveness of IT controls.
Responsibilities
Perform Risk Assessments: Following the FFIEC handbooks, conduct horizontal and vertical examinations across the IT organization. Execute the assessment plan, capture results, conduct interviews with stakeholders, and contribute to the evaluation of the risk profile for the organization. Create recommendations to reach desired maturity levels.
Perform Control Testing: Perform testing of IT controls in the Architecture, Infrastructure, Operations, Information Security, Management and Development domains. Evaluate IT control design and validate the operating effectiveness of controls in mitigating, monitoring, and reporting risk throughout the IT organization. Build close partnerships with the business owners, identify opportunities to mitigate risks, and provide guidance to establish repeatable controls. Produce a leadership report of control testing progress, results, and recommendations.
Support Risk and Control Self-Assessments (RCSA): Working with the IT Risk Consultants and Frontline Risk Management teams, leverage risk assessments and control testing results to support RCSA execution and the identification, assessment and monitoring of organizational risks.
The base pay for this position is relative to your experience, but the range is generally $116,318 to $201,618 per year.
Qualifications
Bachelor's Degree and 6 years of experience in Financial Services, Risk Management, Operational Risk Management, Compliance, Audit, Finance or Accounting OR High School Diploma or GED and 10 years of experience in Financial Services, Risk Management, Operational Risk Management, Compliance, Audit, Finance or Accounting
License or Certification Type: Certified in Risk and Information Systems Control (CRISC) Required; other relevant certification such as CISSP, CISM, CISA Preferred
Master's Degree / MBA preferred.
5+ years' experience managing risk, performing governance activities, and risk assessment activities in Large Financial Institutions.
5+ years of IT Control Testing experience.
Experience performing Risk Assessments.
Knowledge of standard risk management or control frameworks such as COBIT, ISO, FFIEC, and ITIL is required.
Knowledge of financial sector regulatory practices for a large financial institution.
Knowledge of FFIEC handbook is preferred.
Core Competencies
Stakeholder management
Advanced analytical skills
Advanced verbal and written communication skills
Detail oriented
Works with minimal guidance