Vacancy expired!
BE PART OF A BANK LIKE NO OTHER.
When you work with the world's most innovative companies, you know you're making a difference.Our clients are the game changers, leaders and investors who fuel the global innovation economy. They're the businesses behind the next medical breakthroughs. And the visionaries whose new technologies could transform the way people live and work.They come to SVB for our expertise, deep network and nearly forty years of experience in the industries we serve, and to partner with diverse teams of passionate, enterprising SVBers, dedicated to an inclusive approach to helping them grow and succeed at every stage of their business.Join us at SVB and be part of bringing our clients' world-changing ideas to life. At SVB, we have the opportunity to grow and collectively make an impact by supporting the innovative clients and communities SVB serves. We pride ourselves in having both a diverse client roster and an equally diverse and inclusive organization. And we work diligently to encourage all with different ways of thinking, different ways of working, and especially those traditionally underrepresented in technology and financial services, to apply.Job DescriptionThe Sr. IT Risk Manager will play a key role in the ongoing technology transformation journey of the Bank. This position will be responsible for overall assurance of the compliance of enterprise platforms with established security, risk and governance requirements of the Bank. Streamlining existing processes and maximizing automation is a major responsibility for this role, and it includes developing and operationalization programmatic guardrails in collaboration with owners and architects of established and emerging enterprise platforms.In this role you will interact directly with a cross-functional team of multiple stakeholders across the bank including leadership teams of enterprise Cloud, API and DevSecOps platforms as well as overall enterprise platform governance leadership.Once Here You Will:- Assess existing control frameworks and implementations within enterprise platforms against the security, risk and compliance requirements of the bank
- Design Controls framework and Controls library for Cloud, API and DevSecOps platforms meeting Industry standards and best practices
- Provide subject matter expertise to strength controls design and implementation effectiveness
- Communicate platform control gaps and remediation plan to internal and external stakeholders
- Implement processes for continuous compliance of enterprise technology platforms against control framework across people, process and technology
- Partner with technical leadership and architects of enterprise platforms to continuously improve and maximize automation of the controls within the framework
- Partner with product managers of enterprise platforms to ensure control gap remediation are incorporated into platform delivery roadmaps and prioritized
- Engage with teams leveraging the platforms to ensure understanding of the risk mitigation provided by controls within the framework and what additionally is required by adopting teams
- Develop metrics and reporting to provide visibility to leadership and stakeholders on maturity of adoption of the controls framework across enterprise platforms
- Manage stakeholders and their expectations
- Effectively communicate ideas and information with peers, management, and customers
- Serve as a Change Agent and contribute to a culture of continuous compliance
- Liaison with 1st, 2nd and 3rd Risk LOD
- Liaison with Modern Platform owners and Application owners to ensure compliance
- 10+ years of overall industry experience, specifically around cybersecurity, IT risk management, IT audit or compliance
- 4+ years working experience with cloud platforms (AWS) and DevOps
- Passion for achieving excellence in delivery, solving complex problems, and taking ownership
- Expertise in IT operations and security control domains (including application security, change management, disaster recovery, data center operations, information security and networking)
- Knowledge of, and experience with, financial services regulatory frameworks such as PCI, SOX, FFIEC, CIS20, GDPR, GLBA, CCPA
- At least one of the following security certifications: CISSP, CISM, PCI-QSA certifications, or Certified ISO27001 Lead Implementer
- Experience with enterprise IT management frameworks (e.g. COBIT, ITIL)
- Excellent technical, analytical, problem solving, multitasking, and time management skills with consistent attention to detail
- Ability to effectively learn, communicate and use new processes, concepts, tools, and methodology to support the needs of the business
- Strong interpersonal skills, with the ability to work across functional lines and at many levels
- Excellent presentation (written and verbal) communication skills. Ability to effectively communicate technical issues and solutions to all levels of business
- Ability to effectively share technical information and train and mentor less experienced or knowledgeable team members