At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.
What's the role?
As Risk Management Consultant, you will perform functions for the IT MAR (Model Audit Rule) program, providing advice, perspective, and consultation. Engages department leadership in setting the strategic direction and drive operational outcomes for the MAR program to support the IT general controls and alignment to the NM strategy. Assumes accountability for MAR functions and coordinates accountabilities within IT, Corporate Audit and Finance. Engages staff, leadership, and business partners in organizational change to mature and sustain compliance with IT related internal controls related to IT risk for the enterprise. Lead portions of the operational work. Coaches and mentors NM staff on the MAR program, including specific processes to ensure consistency and quality.
- Accountable for designing and evaluating processes and controls to execute the MAR program at Northwestern Mutual.
- Create and update Risk Control Matrices for MAR relevant applications and improving the foundation of existing RCM’s and evolving them using your strong understanding of risk management in technology.
- Facilitate walk-throughs of system controls with internal and external auditors for in audit scope application partners and evaluating evidence created prior to submission to assure content is complete and accurate.
- Evaluate processes and controls to comply with MAR relevant information protection policies and standards.
- Create and distribute monthly Summary of Aggregated Deficiencies to Corporate Audit, Finance, and Company leadership.
- Create and maintain RCM assessments to assist leadership in determining the overall risk profile of the IT general controls.
- Provide subject matter expertise for the IT MAR program which may include evaluating noncompliance issues and appropriate investment decisions.
Bring your best! What this role needs:
- Bachelor's degree with an emphasis in MIS, Business or related field; or related work experience beyond the minimum required
- Five or more years of experience in information systems or systems audit with a demonstrated knowledge in technologies and processes
- Proven ability to design and implement IT general controls and develops an appropriate level of organizational, regulatory and IT business knowledge.
- Demonstrated ability to lead, coach, and mentor other staff members
- Strong ability to independently identify and resolve critical and complex issues through effective problem solving skills
- Strong ability to maintain and strengthen relationships; ability to effectively influence and negotiate with internal and external partners
- Excellent communication skills focused on facilitation of meetings; ability to deliver informative, well-organized documentation and ability to effectively communicate in difficult and/or sensitive situations
- Proven organizational savvy with demonstrated tact and diplomacy
- Proven ability in dealing with ambiguity
- Preference will be given to candidates with Sarbanes-Oxley, MAR or SOC review experience (designing, auditing, or governance).
- CRISC/CISA/CISM/CGEIT/CISSP preferred
Beyond base salary, NM offers the following benefits; pension, 401k, comprehensive medical, dental, and vision, FREE lunch, annual bonus opportunity, and much more!
This job is not covered by the existing Collective Bargaining Agreement.
Grow your career with a best-in-class company that puts our client’s interests at the center of all we do. Get started now!
We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.
FIND YOUR FUTURE
We’re excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.
Flexible work schedules
Employee resource groups