Director of IT Risk Management - Financial Services

---

Job description

Required Skills: Financial Services Industry, IT Infrastructure Mainframe, distributed, cloud, network, Risk, Audit Control, Regulators / Regulatory Relations, Control Testing.

Job Summary: The Principal Embedded Risk Manager (ERM) specializes in serving as a central point of contact and liaison aligned with IT that drives completion of, and adherence to, risk and control commitments, obligations, and requirements for their aligned departments; and is responsible for assisting stakeholders with the identification and timely remediation of risk. They are a top-level contributor that acts independently with minimal direction. The ERM's ability to form strong relationships and communicate with a breadth and variety of management resources is critical. Attention to detail and strong time management skills are also required, along with juggling competing priorities.

Business Unit Description: The Information Technology group delivers secure, reliable technology solutions that enable be the trusted infrastructure of the global capital markets. The team delivers high-quality information through activities that include development of essential applications, building infrastructure capabilities to meet client needs and implementing data standards and governance.

Basic Qualifications:

Familiarity with IT Infrastructure Mainframe, distributed, cloud, network, disaster recovery, automation, ITIL processes

Able to identify Audit control gaps in engineering platforms and processes

Strong written and verbal communications and presentation skills

Accountable to take necessary actions to continuously meet required deadlines and goals

Convinces others by making a strong case, bringing others along to their viewpoint; builds strong, trusting relationships while being comfortable challenging ideas.

Thinks boldly and out of the box, generates new ideas and processes, confidently pursues challenges

Bachelor's degree preferred with Masters or equivalent experience

Specific Responsibilities:

Follow the processes and methodologies for risk management

Learn to effectively use the tools required for risk management at such as PDMS / Archer

Comply with existing risk and control commitments and requirements

Liaison between and across the IT and the firm with the following control functions:

Internal Audit Department

Technical Risk Management

Operational Risk Management

Regulators / Regulatory Relations

IT Risk Community of Excellence

Management Control Testing.

Drive successful and timely completion of commitments and requirements

Issues and Actions

TRM network and app pen test findings, FOSS findings

Risk acceptances and policy deviations

PDMS Policy and Procedures document reviews

Provide guidance and become central point of contact between stakeholders and control functions

Assist with articulating issues and remediation plans, drive timely submissions to control functions

Assist IT teams in tracking audit deliverables and facilitating management's timely response to requests

Track audit actions against defined delivery dates and assist with development of retarget plans as necessary.

Protect stakeholders by identifying control adherence/design effectiveness gaps as first line of defense

Conduct proactive Continuous Improvement Questionnaire meetings to identify MSIs, policy deviations and risk acceptances to mitigate future control function findings

Update Process, Risk & Control (PRC) framework proactively

Review Key Performance Indicator (KPI) maker/checker compliance

Work closely with management and stakeholders to accurately report status of audit and regulatory actions

Collaborate effectively with the Risk Management Center of Excellence to drive the teams' timely response to TRM, external Audit, and regulatory requests.

Enable strategic improvement of IT control environment:

Integrate risk management into each team's continuous improvement processes, roadmaps, and strategies

Drive/facilitate control efforts

Provide information and feedback to the CoE and control functions as appropriate

Influence and support the Risk mindset of IT

Leadership Competencies:

Accountability: Demonstrates reliability by taking necessary actions to continuously meet required deadlines and goals.

Global Collaboration: Applies global perspective when working within a team by being aware of own style and ensuring all relevant parties are involved in key team tasks and decisions.

Communication: Articulates information clearly and presents information effectively and confidently when working with others.

Influencing: Convinces others by making a strong case, bringing others along to their viewpoint; maintains strong, trusting relationships while at the same time is comfortable challenging ideas.

Innovation and Creativity: Thinks boldly and out of the box, generates new ideas and processes, and confidently pursues challenges as new avenues of opportunity.

Bachelor's degree preferred with Masters or equivalent experience

Must Have Skills, Experience:

Minimum of 6 years of Financial Services industry related experience.

Familiarity with IT Infrastructure Mainframe, distributed, cloud, network, disaster recovery, automation, ITIL processes.

Able to identify Audit control gaps in engineering platforms and processes.

Strong written and verbal communications and presentation skills.

Convinces others by making a strong case, bringing others along to their viewpoint; builds strong, trusting relationships while being comfortable challenging ideas.

Thinks boldly and out of the box, generates new ideas and processes, confidently pursues challenges.

Bachelor's degree required with Masters preferred or equivalent experience

<!– job description page –>