Senior Associate supporting compliance solutions for institutional clients in asset management. Delivering regulatory compliance and risk management expertise within a hybrid work environment.
SG
Hybrid GRC Senior Manager – Vice President
Posted last month
About the role
- Cyber Governance, Risk and Compliance professional at SMBC with 7+ years in Cybersecurity and IT Audit. Leading coordination of audits and compliance activities while enhancing risk management practices.
Responsibilities
- Lead role for a portfolio of assignments;
- Lead the successful coordination of various assessments or assessment activities on behalf of Cybersecurity. These assessments may include, but are not limited to: Internal Audits, External Audits, Compliance Reviews, as well as US State, US Federal, and other Region-specific Regulatory Exams;
- Familiarity with controls testing program delivery, including conducting walkthroughs, and supporting design and operating effectiveness testing.
- Enhance coordination efforts each year ensuring inefficiencies identified in previous years are actively addressed and improved.
- Direct & provide guidance to other members of the ARM team in the performance of their tasks.
- Collaborate closely with key stakeholders across the 2LoD (Operational Risk) and 3LoD (Internal Audit) as they undertake assessment / audits over Information Security controls;
- Communicate effectively and timely with auditors where necessary to affirm their understanding of controls in place to ensure the audit testing approach is effective and their requests are appropriate and clear.
- Able to confidently & clearly articulate to auditors / stakeholders controls in place and identification of compensating controls;
- In turn be able to clearly explain the request to Evidence Providers or Control Owners outlining the risks controls being tested assisting them where necessary to ensure the correct artefact is provided (Please note this is NOT an auditor role – The Cyber Governance, Risk and Compliance Manager will serve as the liaison with the Assessors)
- Collaborate with stakeholders to identify continuous improvement opportunities in Controls, Processes and Procedures.
- Assist ARM Leadership to strategically manage and develop the ARM program.
- Engage with auditors at early stage in preliminary findings to ensure completeness and accuracy of understanding
- Responsible for reviewing preliminary findings for plausibility engaging with Control Owners, Senior Management & Relevant Subject Matters Experts as applicable;
- Working with Service Providers Control Owners draft formal management responses to findings for Information Security management review with the expectation of minimal management oversight required;
- Manage and track audit issues to closure providing periodic status updates to Information Security Management
- Strong understanding of Governance, Risk and Compliance (GRC) practices to support Information Security’s adherence to authoritative frameworks (FFIEC, COBIT, NIST, ISO etc.) and U.S. regulatory expectations.
- Understanding of Information Security controls and associated risks.
Requirements
- 7 plus years experience in Cybersecurity / IT Audit (Big-4 experience or related financial services industry experience preferable) and/or Cybersecurity Risk (with active CISA and/or CRISC certification a plus) or other risk management and audit roles
- 7 plus years of experience working with common risk management frameworks, including RCSAs, control testing programs and maturity assessments
- Experience working with Cybersecurity teams to strengthen their adherence to organizationally defined Cybersecurity controls.
- Experience executing control testing, reporting, and tracking control remediation
- Strong verbal and written communication skills.
- Ability to demonstrate a self-motivated and disciplined approach to learning and working.
- Ability to work in a team environment and demonstrate leadership skills when needed.
- Possess a highly developed sense of personal accountability and follow-through with an ability to effectively prioritize multiple personal tasks, projects, and goals.
Benefits
- SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Compliance Analyst supporting the management of compliance models and processes at Tenpo. Contributing to building a solid compliance culture focusing on crime prevention and data protection.
Advertising Compliance Specialist ensuring compliance and operational excellence in the insurance sector. Collaborating on regulatory changes and supporting product development in a hybrid role.
Intern coordinating regulatory projects and compliance for Eversource Energy, engaging with legal, regulatory, and business teams. Involves monitoring regulatory changes and ensuring compliance across your duties.
Regulatory Policy Specialist developing regulatory case filings and strategies supporting company goals at Xcel Energy. Collaborating with stakeholders and senior management to ensure compliance and effective communication.
Manager overseeing leave and immigration compliance at Cedars - Sinai Medical Center. Ensuring adherence to laws while leading HR and compliance teams.
Experienced Quality Systems Specialist at Boeing supporting FAA Certification activities. Involves quality assurance plans and audits in manufacturing and regulatory environments.
Chief of Regulation overseeing programmatic and operational activities for Florida's Division of Licensing. Responsible for budget management and ensuring compliance with policies and procedures.
Compliance Business Oversight Manager managing compliance risk at TD Bank. Overseeing Affiliate Transactions Data Review and providing insights on regulatory compliance.
Regulatory Affairs Professional creating clinical evaluation documents for medical devices in a fast - growing biotech company. Collaborating with stakeholders and ensuring compliance with regulations.