This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Sunray Informatics - McLean, VA
posted about 2 months ago
About the position
The Investments and Capital Market - Risk & Governance Manager plays a crucial role in the first line of defense for risk governance within the organization. This position involves acting as a trusted advisor to business partners, proactively assessing and identifying potential risks that could hinder the division's ability to achieve its business objectives. The manager will oversee technology-related processes, collaborate with business stakeholders, and domain risk subject matter experts to enhance risk management processes and strengthen the control environment.
Responsibilities
- Identify and assess technology process risks.
- Develop and document adequate controls, including supporting establishment, maintenance, and validations of SOX, non-SOX technical, and operational controls across I&CM technology activities.
- Assess gaps and emerging threats and perform pre-2LOD and/or 3LOD review readiness.
- Prepare, conduct, and document quarterly Risk Control Self-Assessments for technology processes.
- Provide support to the business process during 2LOD oversight activities, Internal Audit exams, and FHFA exams.
- Support the technology process in identifying an issue, assessing severity, developing, and tracking remediation action plans.
- Proactively stay abreast of business/market changes/trends that may impact technology and associated risks.
- Discuss and resolve potential risks with relevant stakeholders.
- Provide risk and control input for I&CM's new business and governance initiatives.
- Conduct root cause and impact analysis of operational risk events. Identify remediation activities and produce concise write-ups for Senior Management.
- Generate risk and compliance-related materials for I&CM, IT, ERM, IA, and FHFA, including periodic updates and time-sensitive requests.
- Review and validate the accuracy of the information documented in the risk database and enterprise governance repository.
- Develop technical risk procedures, job aides, and process flow for the division.
- Produce periodic reporting on risk indicators, and divisional technology risk and control issues.
- Challenge status quo and find opportunities to improve and streamline existing processes.
- Undertake ad-hoc projects as needed.
Requirements
- Minimum of 12 years of experience in risk management, governance, audit, emerging threats, program governance, artificial intelligence, and/or data compliance in technology processes.
- Proven ability to investigate, assess risks, and partner with technical and non-technical business owners to determine root cause and remediation.
- Experience supporting financial and/or product development services is desired, but comparable industries are acceptable with a willingness to learn.
- Degree in Finance, Risk Management, Information Security, or a technology-related field; or equivalent work experience preferred.
- Experience implementing, formulating control language, or assessing Sarbanes-Oxley requirements, Risk and Control Self-Assessments (RCSA).
- Experience defining, documenting, and communicating technical and operational governance.
- Ability to track and report on achievement of plans/projects.
Nice-to-haves
- CIA, CISA, CISSP, PMP, CISM, CRISC or other related professional certification preferred (or working towards a certification).
