Sr. IT Risk Manager

28 Nov 2024

Vacancy expired!

BE PART OF A BANK LIKE NO OTHER.

When you work with the world's most innovative companies, you know you're making a difference.

Our clients are the game changers, leaders and investors who fuel the global innovation economy. They're the businesses behind the next medical breakthroughs. And the visionaries whose new technologies could transform the way people live and work.

They come to SVB for our expertise, deep network and nearly forty years of experience in the industries we serve, and to partner with diverse teams of passionate, enterprising SVBers, dedicated to an inclusive approach to helping them grow and succeed at every stage of their business.

Join us at SVB and be part of bringing our clients' world-changing ideas to life. At SVB, we have the opportunity to grow and collectively make an impact by supporting the innovative clients and communities SVB serves. We pride ourselves in having both a diverse client roster and an equally diverse and inclusive organization. And we work diligently to encourage all with different ways of thinking, different ways of working, and especially those traditionally underrepresented in technology and financial services, to apply.

Job Description Silicon Valley Bank serves many of the most innovative companies in the world. Our clients are forward thinkers. True believers. Optimists. Game-changers. Inspired by them, we're changing the face of banking. We need technology experts with the same can-do attitude as our clients. We're looking for creative thinkers who want to create a truly seamless banking experience on a global scale.

We have an exciting opportunity in our Governance, Risk & Compliance team. The Sr. IT Risk Manager will be responsible for running and improving the IT risk management program based on industry-accepted risk frameworks and SVB standards. This individual will be an integral part of the Global Services organization and will help improve the maturity level of IT risk practices across the bank, as the organization continues to grow at a rapid pace. This position will be focused on risk management activities for a the Technology Division at Silicon Valley Bank.

This function has the core responsibility of leading and supporting the Technology organization in its efforts to identify, measure, monitor, and control IT risks. The IT Risk Manager will help provide support to other Business Risk Officers around identification and managing of risks.

The role will focus on proactive identification and mitigation of Technology risks as well as responding to observations identified by third party auditors or examiners. The IT Risk Manager will also assist in developing periodic reports and dashboards presenting the level of controls compliance and the current IT risk posture.

Primary Responsibilities:
  • Lead various risk management activities for the IT Systems and Processes that support the Technology Function at SVB. The IT Risk Manager's primary responsibilities will be to identify, manage and report on risks related to IT systems/processes.
  • Horizontal Relationships: Build effective relationships with various Business Lines within Technology, IT management and staff, as well as external stakeholders in Security, Compliance, Enterprise Risk Management, and Internal Audit. Broaden and deepen knowledge of the business and environment of IT with respect to the delivery of projects, strategic initiatives and systems portfolio to effectively assist IT managers and staff with risk and compliance management.
  • Audit Coordination & Action Plan Development: Assist IT managers and staff with the audits and facilitate management response and remediation efforts. Verifying appropriate remediation measures are taken and effectively completed. Ensure overall IT compliance with regulatory requirements including SOX, GLBA and PCI through proactive planning and communication, ownership and relationships.
  • SOX Coordination: Assist IT managers and staff with quarterly SOX walkthroughs, SOX control testing, IPE Co-ordination with the business.
  • Identification and Verification of controls - Hands on experience in identification of controls and testing controls specifically in security and privacy technology processes, data management process area preferred. Working with stakeholders to track and report control deficiency remediation progress
  • IT Risk Self-Assessments: Conduct information technology risk self-assessments to identify gaps and make sound recommendations for improvement. Identify acceptable levels of residual risk, and assist with action plans, policy and procedural changes for risk mitigation. Tracking and reporting the status of management action plans for the deficiencies identified through IT risk self-assessments, control self-testing, security assessments, and internal / external audits. Interpreting regulatory requirements into actionable internal IT controls and validating compliance with these requirements.
  • IT Self-testing: Perform self-testing in areas within Information Technology to determine adherence to controls, policy, procedures and standards. Follow up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure appropriate remediation measures are taken.
  • Active Action Plan Monitoring: Track mitigation steps (from self-assessments, exams, audits etc.) and ensure that risks are remediated appropriately and in a timely manner. Ensure all risks are logged in the appropriate GRC tool and actively tracked and managed.
  • Policies, Standards, Procedures & Methods: Assist IT management and staff with the development of IT policies, standards, guidelines, procedures and methods. Champion industry best practices and standard frameworks such ISACA, COBIT, ITIL, CMMI, etc.

Skills and Requirements:

  • 8+ years of IT audit and/or IT risk management experience at a Big 4 firm, a financial services company or other regulated organization.
  • 5+ years hands on experience with SOX audit and experience in performing tests of design and effectiveness over IT controls.
  • Technology Risk Management Experience with strong understanding of various Technology Functions
  • Ability to effectively complete control testing work papers, collect supporting evidence from different stakeholders and share the testing results with control owners to work on defining action plans to remediate the gaps.
  • Capability to work on the multiple tasks simultaneously with minimal direction in in fast-paced environment.
  • Proactive, strong interpersonal skills.
  • Proficient in Microsoft Excel and PowerPoint.
  • Bachelors Degree Required
  • One or more professional certifications highly desirable, such as CGEIT, CISA, CISM, CISSP, CRISC.
  • Experience with using or implementing GRC tools.
  • Working knowledge of (or willingness to learn) key regulations within risk management and financial services industry, such as FFIEC, GLBA, GDPR, PCI.
  • Familiarity in IT risk and compliance activities and general understanding of industry frameworks (as such COBIT, ITIL), and technology (Oracle database, Active Directory).

2021 SVB Financial Group. All rights reserved. SVB, SVB FINANCIAL GROUP, SILICON VALLEY BANK, MAKE NEXT HAPPEN NOW and the chevron device are trademarks of SVB Financial Group, used under license. Silicon Valley Bank is a member of the FDIC and the Federal Reserve System. Silicon Valley Bank is the California bank subsidiary of SVB Financial Group (Nasdaq: SIVB ).

Equal Employment Opportunity

Silicon Valley Bank is an equal opportunity employer and is dedicated to expanding its commitments and investments to create a more diverse, equitable and inclusive company culture and innovation ecosystem. We are strongly committed to the values and policy of equal employment opportunity across our employment practices.

Silicon Valley Bank is registered in England and Wales at Alphabeta, 14-18 Finsbury Square, London EC2A 1BR, UK under No. FC029579. Silicon Valley Bank is authorised and regulated by the California Department of Business Oversight and the United States Federal Reserve Bank; authorised by the Prudential Regulation Authority with number 577295; and subject to regulation by the Financial Conduct Authority and limited regulation by the Prudential Regulation Authority. Details about the extent of our regulation by the Prudential Regulation Authority are available from us on request.

  • ID: #23583672
  • State: Arizona Tempe 85280 Tempe USA
  • City: Tempe
  • Salary: USD TBD TBD
  • Job type: Permanent
  • Showed: 2021-11-28
  • Deadline: 2022-01-26
  • Category: Systems/networking