Senior Manager Risk

13 Aug 2024

Vacancy expired!

Responsibilities

  • Lead, manage and embed risk management practice across IT for Business Continuity:
    • Work with central Business Continuity Management (BCM) and Disaster Recovery (DR) teams to ensure an effective IT Business Continuity Program.
    • Ensure regular and timely completion of Business Impact Assessments (BIA) for all IT areas.
    • Create, update, and maintain a central repository of IT Business Continuity Plans (BCP)
    • Provide input as needed into BIAs, BCPs, and Risk Control Self Assessments (RCSA) to identify business continuity risks to IT.
    • Coordinate BCP and DR tests with the central BCM office and relevant IT departments.
    • Perform onsite vendor reviews of critical vendors as needed in coordination with central third party management office.
    • Risk identification, control design and effectiveness, control monitoring and testing of business continuity controls
    • Establish IT BC Risk appetite and Key Risk Indicators (KRIs)
    • Consult IT Risk and Control Self Assessments (RCSAs) for business continuity risks to IT
    • Aid in regulatory, SOX, internal audits and other risk assessment activities as they occur for the subject area.
  • Other responsibilities include:
    • Drive risk management practices within the Information Technology organization
    • Build strong partnerships with IT colleagues as well as Business, Compliance, Risk, Audit, and Legal partners
    • Drive strategic cross-functional Information Technology risk related initiatives, projects, and commitments most important to the leadership team

Qualifications

      • 10+ years of related audit, compliance, or risk management experience
      • One current, internationally recognized professional certification, such as: CISA, CISM, CISSP, CRISC, CBCI, CBCP
      • Knowledgeable about processes, risks and controls/controls design
      • Knowledgeable of NIST, ITIL, COBIT, COSO, FFIEC CAT tool frameworks and methodologies
      • Experience in process and controls mapping methodologies
      • Knowledge of financial services industry related regulatory requirements
      • Communication, influencing, and collaboration skills
      • Ability to multitask and navigate competing priorities
      • Excellent verbal and written communication skills.
      • Strong knowledge of products, services, policies and regulations impacting risk, vendor risk, and information security (such as: GLBA, PII, PCI).
      • Proven ability to respond to changing circumstances.
      • Team player who is comfortable working in a dynamic and fast-paced environment with minimal supervision.
      • Ability to interact confidently with senior management.
      • Balance multiple projects and other responsibilities.
      • Strong attention to detail with a proactive approach to solving and preventing problems.
      • Ability to work under pressure/deadlines and manage multiple priorities.
      • Exceptional interpersonal and partnership skills and the ability to positively influence outcomes, particularly in difficult situations.
