Job Specifications
Provide support for IT Risk procedures and processes to detail and assess risk in IT for Third Party and Asset related risks through working with all levels of the organization to acquire the accurate inputs for the assessments. The ideal candidate for this position is a confirmed problem solver and integrator of people and processes, as well as an effective internal consultant. The risk assessor must also possess demonstrated domain proficiencies in a number of IT-risk-related disciplines, including information technologies, security, business continuity management, privacy and compliance.
Pay Range: $69,350 - $104,000 / Grade 13 (Determined by the knowledge, skills and abilities of the applicant.)
This posting includes the full pay range for this position. Pay is based on a number of factors and may vary depending on job-related knowledge, skills, experience, and internal equity.
Reporting Relationship: Mgr. IT Security Sr
Location: Rapid City, SD
Relocation Assistance:
Relocation assistance is available based on individual circumstances! Details to be shared during the offer process.
Essential Functions:
Perform quantitative and qualitative analysis to support the prioritization of risk mitigation projects, measure progress of technology risk reduction initiatives, and identify areas with high residual risk.
Provide assessment, monitoring and coordination support for Policies and Controls related risk activities for the entire IT organization.
Perform or assist functions within the Third-Party IT Risk Program such as performing assessments, detailing findings and monitoring overall security ratings of external companies.
Perform or assist with IT Risk assessments on various assets both inside IT and in other groups.
Review and analyze the efficiency of the company's IT control activities and report on them with concrete recommendations and findings.
Follow up on findings in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken.
Additional Responsibilities:
Acts as risk management liaison with all levels of the IT organization and with the lines of business and other internal groups and organizations
What You'll Need:
Bachelor's Degree Science with a focus on IT or IT-risk-related disciplines or equivalent combination of education and experience
Minimum of (3) three years of IT experience in IT risk management or a related subject area (for example, security, privacy, business continuity management, audit or compliance)
Black Hills Corporation
625 Ninth St
Rapid City
South Dakota United States
ir.blackhillscorp.com/
