Senior Manager, IT Risk Management
Company: 7 Eleven
Location: Irving, TX 75061
Description:
The Senior Manager of IT Risk Management (ITRM) is responsible for identifying, analyzing, and mitigating potential risks that could impact the information technology systems of 7-Eleven. They are accountable for three different disciplines within IT: Partner Risk, Risk Management, and PCI Assessment. This role reports to the Senior Director of IT Governance, Risk, and Compliance (GRC). The Senior ITRM Manager must be a proactive leader who takes ownership of issues and drives them to resolution. This person will oversee a team of subject matter experts (SME) on behalf of IT and our internal customers (other business units within 7-Eleven), to ensure technology risks are identified and mitigated. They will lead a Partner Risk team that will utilize threat intelligence tools to identify known security issues with 7-Eleven's partners and work with Information Security to ensure any related risks to 7-Eleven are appropriately mitigated. The Senior ITRM Manager will review 7-Eleven supplier contracts under revision to ensure technology-related risks are mitigated through contractual terms. This will include working closely with 7-Eleven's Legal and Strategic Sourcing departments. The Senior ITRM Manager will lead a team that evaluates identified technology risks and associated compensating controls to determine whether risks are acceptable or require further mitigation. The Senior ITRM Manager also leads a team of internal and 3rd party resources to perform annual Payment Card Industry (PCI) Data Security Standard (DSS) assessments (tier 1). They also must drive internal and external resources to ensure ongoing PCI DSS 4.0+ compliance. The ideal candidate must be a strategic thinker and will develop/maintain the mission, vision, and strategy of IT Risk Management.
Responsibilities:
You are expected to use your broad-ranging expertise in IT Risk Management to develop company objectives and principles and achieve goals in creative and effective ways. You will act independently to determine appropriate approaches to new assignments and lead your team members in their activities in these domains.
Identify and assess potential IT risks and manage the 7-Eleven IT risk register.
Develop and implement IT related risk management policies, procedures, guidelines, and processes.
Provide expert advice on IT risk management matters.
Conduct IT risk assessments at a regular cadence.
Compose risk reports along with insights for senior management.
Conduct IT risk management training and awareness sessions.
Keep up with industry trends, threats, and vulnerabilities to ensure 7-Eleven related risks are appropriately mitigated.
Prioritize tasks and projects for the ITRM team based on importance to accomplish business objectives.
Develop/maintain the mission, vision, and strategy of IT Risk Management.
Manage a team of direct reports, some of whom will have their own direct reports.
Provide IT GRC leadership and senior leadership with updates, metrics, and insights on the effectiveness of the ITRM program.
Evaluate vendors intended to support the ITRM team's objectives/goals and perform assessments accordingly, following 7-Eleven's sourcing event process.
Collaborate with other managers in cross-functional teams to prioritize IT risks, provide mitigation or remediation recommendations, and assess compensating controls.
Drive and exemplify 7-Eleven Leadership Principles in all you do.
Compose clear and concise communication for ITRM stakeholders.
Manage to budget for the areas under the ITRM group.
Qualifications:
Education/Experience
Bachelor's degree in a related field
Master's degree in computer science, information systems or other relevant field preferred
8-10 years of direct experience in IT Risk Management, Information Security, and/or IT Internal Audit
Certification/Licenses
CISA/CISM/CRISC or CISSP highly preferred.
If an hourly or salary range is included in this ad it represents the range 7-Eleven in good faith believes is the range of compensation for this role at the time of this posting. The Company may ultimately pay more or less than the posted range. This range is only applicable for jobs to be performed in this state. This range may be modified in the future. No amount is considered to be wages or compensation until such amount is earned, vested, and determinable under the terms and conditions of the applicable policies and plans. The amount and availability of any bonus, commission, long-term incentive compensation, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company's sole discretion, consistent with the law.
For a general description of all benefits 7-Eleven is offering in the US for the position, please visit this link.