What You'll Do
The right candidate will be responsible for monitoring and assessing the internal control environment for IT Controls to ensure compliance with various regulatory requirements. This might include ISO 27001, ISO 9001, Data Privacy and Protection, Sarbanes Oxley Compliance, SOC (System and Organization Controls for Service Organizations) and other security standards. This might also include supporting the annual update of business continuity plans, assessing the criticality of assets, and critically assessing and reviewing the appropriateness of business continuity plans. You will be part of a team responsible for creating and updating process flows and control documentation, performing walkthroughs of controls, identifying and assessing the key controls that mitigate various compliance risks, testing controls, documenting control deficiencies and communicating exceptions to IT Leadership.
* Collaborate with various IT departments and control owners to understand, assess and address operational and compliance risks and exposures through a risk and control self-assessment process.
* Maintain the control-to-Controls Framework mapping documentation and gap assessment, and follow up on remediation if necessary.
* Monitor related IT controls compliance and oversee change management for work processes.
* Identify and recommend changes to improve efficiency as well as process for IT key controls and process flow.
* Conduct an analysis of internal policies, guidelines, procedures and processes to evaluate the accuracy and adequacy of internal controls, operations, and reporting in the area of Transformational programs and processes impacting regulatory compliance requirements as needed.
* Identify and mitigate areas of risk which might arise from inadequate or failed internal processes or systems.
* Team with internal and external audit to review the results of IT Controls testing and work with line-of-business owners to resolve deficiencies and further refine/define controls.
* Assist with procedures to monitor those risks and related drivers using key risk indicators. Make recommendations to address and mitigate identified risks.
* Provide direction and support to the IT Controls Owners for the design, collection, analysis and reporting of financial and operational risk data.
* Update and maintain the IT control database; oversee the execution of control testing, review test work papers for quality and act as SME for key IT processes.
* Participate with other Risk Management teams (compliance, credit, market risk) to identify current and emerging risk exposures and develop appropriate risk mitigation strategies.
* Conduct training sessions as needed with various IT organizations and IT control owners to communicate on-going compliance requirements.
* Provide direction and support for the completion of Business Impact Assessments and Business Continuity Plans, assess their quality and provide recommendations on them.
Who You'll Work With
You will be part of the IT Compliance & Risk Management team. This team partners with the IT, business, Risk Management and Internal Audit organizations to execute the IT Scope under a company-wide program for IT control compliance. This covers existing controls compliance and Control Readiness activities for prospective changes driven by key corporate strategic initiatives. The IT Compliance & Risk Management team is also an advisor to the IT organization that includes a broad scope of IT Compliance initiatives. You will operate as a Strategic Partner with key stakeholders to include Project Teams, IT Process Leads, IT Control owner community and IT leadership, external auditors, Business Process Teams and respective cross-functional organizations.
Who You Are
You are an organized, driven and motivated individual with excellent organization skills and attention to detail. You are an effective communicator with strong interpersonal skills and the ability to work with cross-functional teams. You have a natural curiosity to learn about new regulatory compliance or understand transformational programs, and to problem-solve these in partnership with SMEs in Cisco to implement the right set of controls that mitigate IT compliance risks.
Our minimum requirements for this role:
* BA/BS degree preferred with a strong academic record
* Project Management experience
* At least 8+ years' experience with an emphasis on evaluation of internal controls or operational risk in one or more of the following areas: IT Processes and General Controls, operational/enterprise risk management, audit, accounting, Sarbanes Oxley, Regulatory compliance or Resiliency & Business Continuity.
WE ARE CISCO
#WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference. Here's how we do it.
We embrace digital, and help our customers implement change in their digital businesses. Some may think we're "old" (30 years strong!) and only about hardware, but we're also a software company. And a security company. A blockchain company. An AI/Machine Learning company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do - you can't put us in a box!
But "Digital Transformation" is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it.)
Day to day, we focus on the give and take. We give our best, we give our egos a break and we give of ourselves (because giving back is built into our DNA.) We take accountability, we take bold steps, and we take difference to heart. Because without diversity of thought and a commitment to equality for all, there is no moving forward.
So, you have colorful hair? Don't care. Tattoos? Show off your ink. Like polka dots? That's cool.