Address
Form of workJob Description
Embedded Risk Manager (Associate Director)
Must have - Minimum of 6 years of Financial Services industry related experience. Cybersecurity experience and/or CISSP, CompTIA Security+ or other Cyber certification
Description:
The Information Technology group delivers secure, reliable technology solutions that enable CLIENT to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential applications, building infrastructure capabilities to meet client needs and implementing data standards and governance.
Position Summary
The Principal Embedded Risk Manager (ERM) specializes in serving as a central point of contact and liaison aligned with IT that drives completion of, and adherence to, risk and control commitments, obligations, and requirements for their aligned departments; and is responsible for assisting stakeholders with the identification and timely remediation of risk. They are a top-level contributor that acts independently with minimal direction. The ERM’s ability to form strong relationships and communicate with a breadth and variety of management resources is critical. Attention to detail and strong time management skills are also required, along with juggling competing priorities.
Specific Responsibilities
Follow the CLIENT processes and methodologies for risk management Learn to effectively use the tools required for risk management at CLIENT such as PDMS / MetricStream / Archer
Comply with existing risk and control commitments and requirements
• Effectively Liaison between and across the cost centers composing Enterprise Production Assurance (EPA) and IT Resiliency and Data Center (ITR&DC) and the following control functions:
• Internal Audit Department
• Technical Risk Management
• Operational Risk Management
• Regulators / Regulatory Relations
• IT Risk Community of Excellence
• Management Control Testing
• Drive successful and timely completion of commitments and requirements
• Issues and Actions
• TRM network and app pen test findings, FOSS findings
• Risk acceptances and policy deviations
• PDMS Policy and Procedures document reviews
• Provide guidance and become trusted resource between stakeholders and control functions
• Assist with thoughtfully articulating issues and remediation plans, driving timely submissions to control functions
• Assist EPA and ITR&DC teams in tracking audit deliverables and facilitating management’s timely response to requests
• Track audit actions against defined delivery dates and assist with development of retarget plans as necessary
Protect stakeholders by identifying control adherence/design effectiveness gaps as first line of defense
• Conduct proactive Continuous Improvement Questionnaire (CIQ) to identify MSIs, policy deviations and risk acceptances to mitigate future control function findings
• Update Process, Risk & Control (PRC) framework proactively
• Review Key Performance Indicator (KPI) maker/checker compliance
• Effectively document meeting decisions and actions in a timely manner
• Work closely with management and stakeholders to accurately report status of audit and regulatory actions
• Collaborate effectively with the Risk Management Center of Excellence to drive the teams’ timely response to TRM, external Audit, and regulatory requests
Enable strategic improvement of IT control environment
• Integrate risk management into each team’s continuous improvement processes, roadmaps, and strategies
• Drive/facilitate control efforts
• Provide information and feedback to the CoE and control functions as appropriate
• Influence and support the Risk mindset of EPA & ITR and DC
Qualifications
• Minimum of 6 years of Financial Services industry related experience
• Bachelor's degree preferred with Masters or equivalent experience
Must have - Minimum of 6 years of Financial Services industry related experience. Cybersecurity experience and/or CISSP, CompTIA Security+ or other Cyber certification
Description:
The Information Technology group delivers secure, reliable technology solutions that enable CLIENT to be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential applications, building infrastructure capabilities to meet client needs and implementing data standards and governance.
Position Summary
The Principal Embedded Risk Manager (ERM) specializes in serving as a central point of contact and liaison aligned with IT that drives completion of, and adherence to, risk and control commitments, obligations, and requirements for their aligned departments; and is responsible for assisting stakeholders with the identification and timely remediation of risk. They are a top-level contributor that acts independently with minimal direction. The ERM’s ability to form strong relationships and communicate with a breadth and variety of management resources is critical. Attention to detail and strong time management skills are also required, along with juggling competing priorities.
Specific Responsibilities
Follow the CLIENT processes and methodologies for risk management Learn to effectively use the tools required for risk management at CLIENT such as PDMS / MetricStream / Archer
Comply with existing risk and control commitments and requirements
• Effectively Liaison between and across the cost centers composing Enterprise Production Assurance (EPA) and IT Resiliency and Data Center (ITR&DC) and the following control functions:
• Internal Audit Department
• Technical Risk Management
• Operational Risk Management
• Regulators / Regulatory Relations
• IT Risk Community of Excellence
• Management Control Testing
• Drive successful and timely completion of commitments and requirements
• Issues and Actions
• TRM network and app pen test findings, FOSS findings
• Risk acceptances and policy deviations
• PDMS Policy and Procedures document reviews
• Provide guidance and become trusted resource between stakeholders and control functions
• Assist with thoughtfully articulating issues and remediation plans, driving timely submissions to control functions
• Assist EPA and ITR&DC teams in tracking audit deliverables and facilitating management’s timely response to requests
• Track audit actions against defined delivery dates and assist with development of retarget plans as necessary
Protect stakeholders by identifying control adherence/design effectiveness gaps as first line of defense
• Conduct proactive Continuous Improvement Questionnaire (CIQ) to identify MSIs, policy deviations and risk acceptances to mitigate future control function findings
• Update Process, Risk & Control (PRC) framework proactively
• Review Key Performance Indicator (KPI) maker/checker compliance
• Effectively document meeting decisions and actions in a timely manner
• Work closely with management and stakeholders to accurately report status of audit and regulatory actions
• Collaborate effectively with the Risk Management Center of Excellence to drive the teams’ timely response to TRM, external Audit, and regulatory requests
Enable strategic improvement of IT control environment
• Integrate risk management into each team’s continuous improvement processes, roadmaps, and strategies
• Drive/facilitate control efforts
• Provide information and feedback to the CoE and control functions as appropriate
• Influence and support the Risk mindset of EPA & ITR and DC
Qualifications
• Minimum of 6 years of Financial Services industry related experience
• Bachelor's degree preferred with Masters or equivalent experience
Powered by JazzHR
h8AivoTuT4
