IT Tech Lead for the IT Risk Management Framework

Location: McLean, VA

IT Risk Management is looking for an experienced candidate to join a first-line IT Risk Management team that will have responsibility for the development, implementation and execution of a Policies, Standards and governance risk management program. The candidate will work closely with the teams that represent each IT Department and with the teams responsible for the consistent and logical application of key components of the IT Risk Management Framework for the IT Division. This position requires that the applicant have a strong understanding of risk frameworks, operational risks, and the execution of risk management processes and governance within a large institution.
As a subject matter expert in policy and lifecycle management, you will partner with IT leadership teams to effectively manage the development of corporate policies and standards and ensure IT’s compliance. The ideal candidate has demonstrated experience leading organizational efforts managing policies and standards, and leading assessments against industry-recognized standards for IT security and risk management. Additionally, the candidate will need excellent organizational, leadership, communication and relationship management skills.

Your Work Falls into Three Primary Categories:

o Divisional Compliance with Enterprise Risk Policy & Standards
• Lead the program functions responsible for assessing the impact of Enterprise Policies and Standards on IT.
• Lead the program functions responsible for assessing divisional compliance with Enterprise Policies, Standards and Directives.

o Publication of Divisional (IT) Directives
• Lead the program functions responsible for the development, review, approval, publication and communication of IT Directives and Requirements.
• Lead the program functions responsible for continued review, maintenance and monitoring of divisional-level policies, standards, directives and requirements.

o Reporting, Metrics and Ongoing Due Diligence
• Develop KPIs to provide insight into IT risks and non-compliance with policies, standards, directives and requirements.