About the role

Senior Manager overseeing ORM Governance and Practices, leading risk management strategies in a dynamic financial services environment. Responsible for compliance and operational risk evaluations while fostering team development.

Responsibilities

Lead a high performance team by providing exceptional leadership ongoing training, coaching, and performance management.
Perform validation of identified controls to ensure they have adequate governance, evidence of execution, and appropriate monitoring and escalation.
Independently identify risk through undefined processes or ways that are not pre-determined.
Document validation results, prepare work papers to evidence validation methods, and draft final reports for customers summarizing validation results.
Ensure issues are properly reported to business areas and remediated appropriately.
Perform and support detailed data analysis to include trending and issue identification.
Identify emerging risks, process improvements, or areas for increased training through the analysis of results.
Responsible for building and maintaining relationships with business partners while adhering to the highest ethical standards required for independent validation.
Manage work across organizational lines to achieve results and manage competing priorities.
Support procedure reviews and document updates.
Develop communications (written and presented) to support findings.

Education and/or experience typically obtained through completion of a Bachelor’s degree in Computer Science, Business Administration, Finance, Accounting or related field.
10 or more years of related experience in audit, operational risk or other risk management roles or prior testing and quality assurance experience.
4 or more years of direct people responsibility or equivalent project leadership experience
Strong validation or audit experience in information security, information security compliance, IT audit, information technology or related.
Expertise in ISO 27002, PCI DSS 3.2 or current, NIST 800-53a, SIG, FFIEC handbooks, SOC2 Type II, GLBA, FCRA.
Technical experience with security-related technologies including firewalls, IDS, vulnerability management, anti-virus, data loss prevention, two factor authentication, and VPN.
Certification in one or more of the following: CISA, CISM, CISSP, CCSP, CRISC, GSNA, CGIH, or equivalent.
Excellent communication skills and ability to influence and guide others.
Strong relationship building skills.
Excellent verbal and written communication skills.
Highly organized, detail oriented combined with excellent analytical and technical skills.

Healthcare Coverage – Competitive medical (PPO/HDHP), dental, and vision plans as well as company contributions to your Health Savings Account (HSA) or pre-tax savings through flexible spending accounts (FSA) for commuting, health & dependent care expenses.
401(k) Retirement Plan – Featuring a 100% Company Safe Harbor Match on your first 6% deferral immediately upon eligibility.
Paid Time Off – Flexible Time Off for Exempt (salaried) employees, as well as generous PTO for Non-Exempt (hourly) employees, plus 11 paid company holidays and a paid volunteer day.
12 weeks of Paid Parental Leave
Maven Family Planning – provides support through your Parenting journey including egg freezing, fertility, adoption, surrogacy, pregnancy, postpartum, early pediatrics, and returning to work.