
IT Risk & Governance Strategist III in Norfolk, VA at PRA Group

Date Posted: 3/13/2018

Job Description

We invite you to explore a future with us at PRA Group, a diverse and growing company that has a tangible impact on the global economy.

Position Summary: 

As a member of the Risk Management team, the Risk and Governance Strategist is expected to act as a lead and subject matter expert in the design, implementation, and execution of various technology risk mitigation and governance projects and activities. This includes performing technology-specific risk assessments; identifying, tracking, monitoring, and reporting on technology risk; and assisting technology constituents in the development and maintenance of technology policies and process maps. The incumbent is also expected to act as an advisor and coach to less experienced members of the team.

This role also provides centralized information technology governance, compliance, and risk management expertise to functional areas throughout the technology organization. The Risk and Governance Strategist is expected to remain current with emerging trends related to compliance, privacy and security capabilities and successfully integrate them into a risk and governance strategy.

Day-to-day functions include (but are not limited to):

  • Guides the successful completion of major governance programs and projects and can represent the organization as a prime contact for IT Risk and Compliance. Analyzes and interprets information technology governance, compliance, and risk management disciplines including applicable laws, regulations, standards, and best practices
  • Develops and improves programs, tools, and metrics for information technology self-assessment and efficiency measurements within the Information technology
  • Acts as subject matter expert on statistical reporting of results and leads the development of required corrective actions utilizing data-driven approaches and methodologies to produce timely and appropriate reporting metrics, including summaries, scorecards, and/or other control records, ultimately reducing IT process gaps and enhancing process effectiveness
  • Advises and collaborates with all IT functional areas to establish and maintain process strategy to effectively govern, control and mitigate risk for IT activities
  • Provides detailed reporting on unresolved issues and opportunities for improvement
  • Analyzes non-compliance assertions by auditors, regulators, and IT management; gathers details as required to assess validity of assertions; works with managers to develop plans of action and responses
  • Develops information technology policies, standards, procedures, programs and practices related to the information security and risk function
  • Manages the IT Library, the centralized location for all final policies, procedures and standards, to ensure all documents stay up to date and relevant in accordance with the current IT culture

Professional Experience/Qualifications we are in search of:

  • Bachelor’s Degree in related field or equivalent work experience
  • 10 or more years’ experience in information technology risk, audit, compliance, governance or security roles or equivalent combination of education and experience
  • Desirable certifications include: COBIT 5 Foundation, Implementation or Assessor, ITIL Foundation, CGEIT, CISA, CRISC, PCI ISA or Professional

Technical Competencies for ideal candidates:

  • Familiarity with one or more IT security and risk frameworks and compliance regulations, such as COBIT 5, ITIL, ISO, Gramm-Leach-Bliley (GLBA), Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standard (PCI)
  • Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity access management
  • Detailed knowledge of security-related systems and applications
  • Knowledge of SharePoint, Microsoft Office Suite, Visio

If you are a professional who possesses/is able to:

  • Strong analytical and problem-solving skills to enable effective problem resolution
  • Flexibility to handle multiple projects simultaneously
  • Ability to work well under minimal supervision
  • Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including vendors and IT-business personnel
  • Strong written and verbal communication skills
  • Strong customer/client focus, with the ability to manage expectations appropriately, provide a superior customer/client experience and build long-term relationships

Work Environment:

The noise level in the work environment is usually moderate as the employee works in an office environment, at an individual workstation, using a telephone and computer. The employee is required to work evenings and weekends as needed. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.


The information in this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.

All qualified applicants will receive consideration for employment regardless of age, race, color, sex, gender, religion, national origin, physical or mental disability, citizenship, or any other classes recognized by state or local law or any other characteristic protected under applicable federal, state or local law. We are a drug-free workplace.