1376537 - Leader, Technology Risk Management

What You'll Do
The Leader, Technology Risk Management, is a key IT manager for all matters related to IT controls testing. The right candidate will be responsible for monitoring and assessing the internal control environment for IT Controls to ensure compliance with various regulatory requirements. This will include Sarbanes Oxley Compliance, SOC (System and Organization Controls for Service Organizations) and might include ISO 27001, ISO9001, Data Privacy and Protection, and other security standards. You will be part of a team responsible for creating and updating process flows and control documentation, performing walkthroughs of controls, identifying, and accessing the key controls that mitigate various compliance risks, perform testing of controls and document control deficiencies, and communicate exceptions to IT Leadership.

• Monitor related IT controls compliance as well as overseeing IT change management for work processes.
• Responsible for walkthroughs, testing, remediation, documentation, and reporting for IT controls, including IT General Controls, Automated Controls, and Interfaces.
• Identify and recommend changes to improve efficiency as well as processes for IT key controls and process flow.
• Partner with the Finance SOx PMO to oversee and coordinate the design, implementation, and testing of IT general and automated system controls and configurations.
• Conduct internal control readiness with key corporate IT systems initiatives by building risk and control evaluations into the project life cycle prior to project go-live.
• Drive timely remediation of issues with control owners to achieve Sox compliance.
• Conduct an analysis of internal policies, guidelines, procedures and processes to evaluate the accuracy and adequacy of internal controls, operations, and reporting in the area of Transformational programs and processes impacting regulatory compliance requirements as needed.
• Identify and mitigate areas of risk which might arise from inadequate or failed internal processes or systems.
• Team with internal and external audit to review the results of IT Controls testing and work with line-of-business owners to resolve deficiencies and further refine/define controls.
• Assist with procedures to monitor those risks and related drivers using key risk indicators. Make recommendations to address and mitigate identified risks.
• Provide direction and support to the IT Controls Owners for the design, collection, analysis and reporting of financial and operational risk data.
• Update and maintain the IT control database; oversee the execution of control testing, review test work papers for quality and act as SME for key IT control processes.
• Conduct training sessions as needed with various IT organizations and IT control owners to communicate on-going compliance requirements.
• Provide coaching and guidance on job performance and career development with a global team of IT SOx professionals.

Who You'll Work With
This position reports to the Director of Technology Risk Management and will work closely with leaders across IT, operations and finance organization and interact with senior leadership. You will be part of the IT Compliance & Risk Management team. This team partners with the IT, business, Risk Management, and Internal Audit organizations to execute the IT Scope under a company-wide program for IT control compliance. These cover existing compliance and Control Readiness activities for prospective changes driven by key corporate strategic initiatives. The IT Compliance & Risk Management team is also an advisor to the IT organization that includes a broad scope of IT Compliance and IT Risk Management initiatives. You will operate as a Strategic Partner with key stakeholders to include Project Teams, IT Process Leads, IT Control owner community and IT leadership, external auditors, Business Process Teams, and respective cross-functional organizations.
Who You Are
As Leader, Technology Risk Management, you are a driven and motivated individual with excellent organization skills with attention to detail. You are an effective communicator with strong interpersonal skills with the ability to work with cross functional teams. You have a natural curiosity to learn about new regulatory compliance or understand transformational programs and problems solve these in partnership with SME's in Cisco to implement the right set of controls that mitigate IT compliance risks.
Our minimum requirements for this role:

• BA/BS degree preferred with a strong academic record
• Project Management experience
• At least 12+ years in IT external audit, internal controls, IT risk assessments, IT SOX implementation, and ERP audit experience
• Past Big 4 experience a plus
• Should be CISA certified
• Experience in applying the COSO framework in a manner that supports SOX compliance and operational efficiencies.
• Experience in IT General Control audits, reports testing, and flowcharts over proprietary in-house built and enterprise corporate systems
• Experience with risk areas including, financial, operational, compliance and cybersecurity
• Demonstrated experience in conducting risk assessments, internal audit projects and executing internal control audits

Why Cisco
#WeAreCisco, where each person is unique, but we bring our talents to work as a team and make a difference. Here's how we do it.
We embrace digital, and help our customers implement change in their digital businesses. Some may think we're "old" (30 years strong!) and only about hardware, but we're also a software company. And a security company. A blockchain company. An AI/Machine Learning company. We even invented an intuitive network that adapts, predicts, learns and protects. No other company can do what we do - you can't put us in a box!
But "Digital Transformation" is an empty buzz phrase without a culture that allows for innovation, creativity, and yes, even failure (if you learn from it.)
Day to day, we focus on the give and take. We give our best, we give our egos a break and we give of ourselves (because giving back is built into our DNA.) We take accountability, we take bold steps, and we take difference to heart. Because without diversity of thought and a commitment to equality for all, there is no moving forward.
So, you have colorful hair? Don't care. Tattoos? Show off your ink. Like polka dots? That's cool.
Cisco Covid-19 Vaccination Requirements
The health and safety of Cisco's employees, customers, and partners is a top priority. Our goal is to protect and mitigate the spread of COVID-19 infection for strong business resiliency during the pandemic. Therefore, Cisco may require new hires to be fully vaccinated against COVID-19 if the role requires business-related travel, meeting with customers/partners (including visiting third-party sites on behalf of Cisco), attending trade events, and Cisco office entry, unless otherwise prohibited by applicable law, and in countries where COVID-19 vaccination is legally required. The company will consider legally required accommodations/exceptions for medical, religious, and other reasons as per the requirements of the role and in accordance with applicable law. Additional information will be provided to candidates about the requirements and accommodation process at the offer time based on region.