AVP, IS Risk Management leading information security risk management activities. Overseeing risk assessments, third-party management, and compliance at Synchrony.
Responsibilities
Lead and oversee risk assessments for outbound (external) data-sharing requests.
Review Security Rating Service (SRS) tools for external entities to evaluate risk factors based on security posture, including historical cyber events, incidents, and data breaches.
Lead and oversee the maintenance and renewal of Information Security job aids across all InfoSec L3 functions.
Support Third-Party Risk Management (TPRM) activities, including risk profiles, SIRF reviews, critical vulnerability surveys, metrics, and reporting.
Liaise with SRMP teams to coordinate and drive process simplification and enhancements, serving as the Third-Party Security (3PS) Subject Matter Expert (SME).
Drive PCI supplier oversight by analyzing in-scope suppliers, collecting required artifacts/documentation, maintaining the PCI evidence inventory, and monitoring ongoing PCI compliance.
Compile supporting evidence for PCI DSS supplier oversight controls and present documentation to the external QSA for audit review.
Deliver security awareness sessions as part of the employee onboarding program for India central hubs.
Lead and oversee timely and effective execution of the exception reconciliation process (DLP and TLS).
Support the development and continuous improvement of security risk management standards and procedures.
Develop metrics and reporting and support ongoing monitoring to confirm processes operate as designed and risks are tracked appropriately.
Support risk management special projects across PCI, risk management, and related initiatives.
Requirements
Bachelor’s degree in Computer Engineering or related field, with a minimum of 5+ years of experience in Information Security OR in lieu of the Bachelor's degree, a minimum of 7+ years of experience in Information Security.
Minimum 2+ years of experience conducting security risk assessments.
Good understanding of IS Risk Management concepts.
Good understanding of IT-related US banking regulations & industry best practices (NIST, PCI DSS, HIPAA, CRI, etc.).
Excellent interpersonal skills with ability to influence team members, management & external groups.
Self-motivated & able to work independently or in a team environment & work with virtual teams.
Fraud Risk Oversight Director overseeing risk management programs at Truist. Leading teams to ensure efficient risk practices and compliance within the financial services sector.
Overseeing Third Party Risk Management related activities at Truist. Managing application and reporting strategy along with technology enablement support.
Manager overseeing Operational Risk Management for Manulife. Responsible for effective risk governance, data analysis, and cross-functional collaboration.
Risk Management Manager at Early Warning leading LOD1 risk and internal control efforts. Overseeing and coordinating risk management processes across various business lines and compliance areas.
AI and Model Risk Lead Consultant at Allstate responsible for model and AI risk management across enterprise. Leading initiatives, ensuring compliance, and supporting various risk assessments and governance frameworks.
Governance & Control Specialist managing risk and compliance activities at TD Bank. Overseeing governance and control operations, leading initiatives to enhance risk management practices.
Energy Market Risk Analyst at Next Kraftwerke working on product verification and risk assessment. Collaboration with Finance and Trading teams in a hybrid working environment.
IT Risk & Control Specialist developing and implementing IT Risk & Control framework. Collaborating with stakeholders to enhance IT governance in a dynamic environment.
Governance & Controlling Intern at Zurich managing databases and monitoring portfolios. Collaborating with experts and enhancing skills through real-world experience.