You are viewing a preview of this job. Log in or register to view more details about this job.

Student Assistant Internship (Enterprise Risk Management), Ref# 8470

NYS Office of Information Technology Services
Email

Minimum Qualifications

• Must be a US citizen or foreign national eligible to work in the United States
• Must be 18 years of age or older
• Must be currently attending a New York State college, university or graduate program, or be a resident of New York State attending a college, university or graduate program outside of New York State
• Must have completed a minimum of one (1) year as a student at a degree-granting two or four-year college or university (completion of one year’s worth of academic credits over a more extended period of time may qualify part-time students) OR currently enrolled graduate student or accepted in a graduate degree program
• Must have a minimum grade point average (GPA) of 2.0 or equivalent to a C.

 

Duties Description

The Student Assistant under the direction of the Deputy Director of Enterprise Risk Management, will provide ITS, including its program areas, project teams, portfolios, and executive management, with advice, support, and guidance on applying new enterprise risk management initiatives, in relation to IT-related projects and operations.

 

The Student Assistant will: 
• Assist in identifying, evaluating, and mitigating technology-related risks to effectively manage the agencies technology risks; collaborate effectively with business leadership, project team members, and various review teams (eg. Security, Privacy, and Legal) to achieve this goal. 
• Collaborate with ERM and business units to provide value adding advice and adjust Risk Tolerances and Appetites based on data insights. 
• Collaborate with SUNY Albany Cyber-Risk Student Interns to develop enterprise risk mitigation strategies. 
• Investigate ITS business practices to identify enterprise-level risks to ITS' mission. 
• Capture and monitor actionable metrics using software and databases including risk and control libraries and risk ratings, documenting and assessing likely risk impacts and proposed mitigating controls. 
• Help create and execute short- and long-term risk management strategies in accordance with selected risk management frameworks. 
• Both verbally and in writing, effectively communicate identified risks and their proposed mitigation strategies to ITS leadership and other agency stakeholders, including developing, communicating, and training regarding new policies, procedures, practices, and guidelines. 
• Ensure ITS risk management policies and procedures comply with applicable laws and standards and support ITS strategic initiatives. 
• Help convert approved risk management strategies into specific system or process requirements and assess effectiveness of these deployed controls over time. 
• Regularly monitor known and materializing new risks in the context of ITS' evolving business practices to ensure continual compliance with ITS risk management strategies. 
• Perform other related duties as assigned.

 

 

The Office of Information Technology Services is an equal opportunity employer, and we recognize that diversity in our workforce is critical to fulfilling our mission. We encourage all individuals with disabilities to apply.