About the position
Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture. The role will contribute to the implementation of the U.S. Cyber and IT Risk Management Framework across the second line of defense. The framework encompasses oversight, reporting, governance, communications, and education. As part of the second line of defense for businesses in the United States, IT Risk provides independent oversight and challenge as well as assists in the development of the methodologies, policies, process, and tools to support the U.S. Cyber and IT Risk Management Framework. Contributes to the overall success of Cyber and IT Risk Management in the United States, ensuring specific individual goals, plans, initiatives are executed / delivered in support of the team's business strategies and objectives. Ensures all activities conducted are in compliance with governing regulations, internal policies and procedures.
Responsibilities
- Maintains the U.S. Cyber and IT Risk Management Framework and best practices within the Bank while acting as a center of excellence for IT and Cyber Risk in the U.S.
- Collaborates with the lines of business by acting in a consultative capacity to advise on IT risks that influence their business and ability to meet established strategic objectives, while maintaining oversight and objective challenge.
- Challenges the IT Risk components of the first line in the Risk & Control Self-Assessment (RCSA) process for the U.S., covering Legal Entities, Processes and Business Lines.
- Challenges investigation of IT Incidents to define root causes and provides input into remediation actions.
- Performs Deep Dives to assess the effectiveness of controls surrounding key processes, and to identify remediation for gaps to actively and demonstrably mitigate IT risks.
- Challenges IT risks within scenario analysis.
- Monitors Cyber security risks and the controls in place within the bank, as well as external Cyber security reporting which may impact the bank.
- Monitors compliance with IT Risk Policies, Standards and Guidelines.
- Prepares and coordinates monthly U.S. Information Risk Working Group meetings.
- Prepares monthly and quarterly IT and Cyber Risk reporting for U.S. committees and senior management.
Requirements
- Strong expertise in IT Risk Management (e.g. Logical Access, Data Leakage, Disaster Recovery)
- Experience with Cybersecurity Risk Management is preferred
- A minimum of 7 years of experience in technology departments and/or risk management, preferably in a financial institution
- Industry certifications desirable (e.g., ISACA CRISC)
- Advanced knowledge of relevant regulatory rules (FFIEC, NYDFS 500) and frameworks (NIST, COBIT) is preferred
Benefits
- Flexible benefit programs designed to support unique family, financial, physical, mental, and social health needs.
Job Keywords
Hard Skills
- Business Process
- Business Strategy
- Disaster Recovery
- Risk Control
- Risk Management
- 0XzgLQD8P ZR26a
- 6dSClmTIMc wyczYDo5Kt
- AKlYQ tYmLdB4UHPj
- AUyRVtQzbw k52xSAFGIRc
- f2rxD uvgVO25xkWf
- fXAI1 4BPoVSINixb KPQIsrdoZi
- g4c5LDnSt JhOoTWYsM
- gRs ZPlsm OkYq7dMCnva
- GWiBlz fCGa2
- gWUodH0Iw XRq42W7
- idy3m ED5lhLYze
- IJuK2 6tF5Gb1
- l94O1 l9jPWHLkac4
- S3dtFa8wOL y6IrQHnDAR3c
- vcjXhk 0AqXk
- WZEikIz KHaIXMpgmAc
- xU394n j1zNZVDFO
- Yc8rA sqJg2Ke
- z0NgbIqOJuMAK EGYQeJlTsdn
A Smarter and Faster Way to Build Your Resume