Michigan Veterans Jobs

Mobile michigan-jobbank Logo

Job Information

Flagstar Bank FSB Technology Risk Engineer in Troy, Michigan

Job SummaryThe Information Technology Risk Engineer reports to the Technology Risk Supervisor, and he/she is responsible for the design and the delivery of the program elements all first line of defense risk activities directly or indirectly impacting Information Technology and Information Security within Flagstar. The Information Technology Risk Engineer will leverage experience in business and technical acumen environment to execute the technical program activities in the areas of audit, technology, compliance, risk management and security. The position will be responsible for the execution of the IT Risk Management program, which delivers a risk and control framework and compliance activities, as well, as standards, controls, and procedures to ensure the confidentiality, integrity, and availability of the company's digital and technical assets, and better governance of Information Technology and Security.Job Responsibilities:* Design/engineer/execute specific Information Technology and Security risk program elements to mitigate enterprise IT and security risks throughout the Bank.* Design/engineer/execute the implementation of the components of the Information Technology Risk Program to include external compliance, internal audit, security, vendor management, operational risk, quality assurance and quality controls for technology and information security.* Design/engineer/execute internal and external compliance technology audits and regulatory exams, representing Information Technology throughout the lifecycle of the audit (planning through remediation strategy).* Design/engineer/execute implementation of Governance, Risk, and Control frameworks and systems based on recognized best practices such as COBIT, ISO, ITIL, SANS, NIST, Basel, GLBA, SOX, PCI-DSS, FFIEC, etc.* Execute the first line of defense Risk Management functions for IT meeting the Enterprise Risk Management (ERM) program elements, processes and compliance requirements.* Execute the Risk Controls Self-Assessment process for Information Technology and Information Security.* Design/engineer guidelines standards, and training on Risk Management practices and procedures appropriate for Flagstar's needs to ensure that risk responsibilities are understood and carried out throughout the enterprise.* Execute technology process improvement projects, and transformational initiatives to improve IT risk and control profile.* Support the IT Risk Lead and the IT Risk Supervisor in their risk activities.* Ensure compliance with applicable federal, state and local laws and regulations. Complete all required compliance training. Maintain knowledge of and adhere to Flagstar's internal compliance policies and procedures. Take responsibility to keep up to date with changing regulations and policies.Job Requirements:* Bachelor's Degree in a related field plus 2 years of previous experience working in Information Security or Information Technology - OR - 5 years of comparable work experience* Certified Information Systems Security Professional (CISSP), Certified Information Security Manager, (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC)* Security, risk and audit specialized training highly recommended* One year of SOX IT control execution or testing - or IT auditing experience* One year participating in Risk and Control Self Assessments, Audits, or exams for technology or information security* Demonstrated ability to audit general IT controls including related infrastructure (Active Directory), operating systems (UNIX, Linux, Windows), databases (Oracle DB, MS SQL DB, and Progress DB), and applications (Oracle, PeopleSoft)* Design and perform root cause analysi