Operational Risk Supervisor (IT) at Ford Global Career Site
Dearborn, Michigan, United States
Full Time


Start Date

Immediate

Expiry Date

10 Apr, 26

Salary

0.0

Posted On

10 Jan, 26

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

IT Risk Management, IT Audit, Information Security, Governance, Risk Management, Control Testing, Analytical Skills, Problem-Solving, Leadership, Communication, Collaboration, Regulatory Compliance, Control Frameworks, Team Management, Continuous Improvement, Risk Assessment

Industry

Motor Vehicle Manufacturing

Description
Establish, recruit, and lead a high-performing team of IT risk professionals, fostering a culture of continuous improvement, accountability, and collaboration.
Partner closely with the First Line of Defense (1LOD) IT teams to deeply understand their operations, identify key IT risks, and pinpoint the most critical controls designed to mitigate those risks.
Lead comprehensive IT risk assessments, leveraging established methodologies to evaluate the likelihood and impact of identified risks.
Develop and implement a robust methodology for 2LOD IT control testing.
Scope, plan, and execute independent testing of IT controls to assess their design and operating effectiveness.
Analyze the results of control testing, identify control deficiencies, and provide clear, actionable feedback to 1LOD teams on the effectiveness of their controls - highlighting both strengths and areas for improvement.
Ensure that IT controls are thoroughly documented, accurately reflect operational practices, and are actively utilized by the 1LOD.
Monitor and provide oversight on remediation efforts for identified control gaps.
Contribute to the ongoing development and refinement of Ford's IT risk management framework, policies, and procedures, aligning with industry best practices and regulatory requirements.
Build strong relationships with IT leadership, internal audit, compliance, and other risk functions to promote a cohesive and integrated approach to risk management.

Established and active employee resource groups.

Bachelor's degree in Information Technology, Computer Science, Information Security, Risk Management, or a related field.
Minimum of 8-10 years of progressive experience in IT, IT risk management, IT audit, information security, or a related governance, risk, and compliance (GRC) function.
At least 3-5 years of experience in a leadership or management role, including building and managing teams.
Demonstrated experience with Second Line of Defense (2LOD) functions or internal audit within a large, complex IT environment.
Proven ability to conduct and lead IT risk assessments and evaluate control effectiveness.
In-depth understanding of IT control frameworks (e.g., COBIT, NIST CSF, ISO 27001), regulatory requirements (e.g., SOX, GDPR, CCPA), and industry best practices.
Exceptional analytical and problem-solving skills with the ability to translate technical details into business risks.
Strong leadership, interpersonal and communication skills (written and verbal), with the ability to collaborate effectively.
Ability to manage multiple priorities in a dynamic environment.

Certified Information Systems Auditor (CISA).
Certified in Risk and Information Systems Control (CRISC).
Certified Information Security Manager (CISM).
Certified Information Systems Security Professional (CISSP).
Other relevant certifications in IT audit, risk management, or information security.
Experience working in the financial/banking industry, or other highly regulated environments is an asset.
Familiarity with AI control frameworks, data governance, and data lineage principles.

For more information on salary and benefits, click here: https://fordcareers.co/GSRSP1
Visa sponsorship is not available for this position.
Verification of employment eligibility will be required at the time of hire.
Responsibilities
Establish and lead a team of IT risk professionals while partnering with IT teams to identify and mitigate key IT risks. Conduct IT risk assessments and implement methodologies for control testing, providing actionable feedback to improve control effectiveness.