Risk Management Lead managing the development of IESO's enterprise risk management program. Collaborating across the organization to identify, assess, monitor, and report on risks.
About the role
- IT Risk Principal providing risk governance and oversight across technology and operational risks at Huntington Bank. Managing cybersecurity programs and compliance in a financial institution.
Responsibilities
- Management of processes to ensure credible challenge, oversight, and validation of IT risk findings/action plans/risk acceptances and 1st line risk and control assessments across the Bank
- Management and Oversight of assigned L2 risk(s) from our Risk Registry in alignment with our risk appetite
- Participation and Challenge within the IT Policies and Standards framework and processes to ensure output is aligned with risk appetite. This includes metrics, controls, process maps and other wholesale material for a healthy standard.
- Deliver periodic IT risk updates at governance meetings and active participation in the IT Risk Committee and associated sub-forums
- Deliver quarterly independent IT Risk Assessments and targeted assessments to form and support the Bank’s IT risk profile
- Providing Risk Management leadership across the Bank’s Information Technology, and Operational risks
- Assisting with determining the IT Risk Program's strategy and areas of focus
- Participation in our mentorship programs in alignment with our focus on colleague growth
- Provide Risk Management and thought leadership across the Bank’s Cyber and Cloud domains
- Active participation and challenge of proposed and existing Cyber processes and procedures focused on key topics including Threat and Vulnerability Management, Network Governance and Domain Management, Cybersecurity Operations, Zero Trust, Posture Compliance and Drift Management, Data Governance, Security Education and Outreach Management, Post Quantum Computing, Cyber Risk Quantification, and Red\Blue\Purple Teaming
- Engage with subject/domain owners to provide effective challenge of strategy, decisions, roadmaps, tools/solutions, policies/standards, findings/action plans/risk acceptances, etc.
- Provide deep analysis of Cyber and Cloud vendors, products and services
- Active analysis and oversight of Cyber governance technology controls
Requirements
- Bachelor's degree or equivalent level of work experience
- Five or more years relevant experience in a technology role, directly supporting technology processes or assets (applications/systems/etc.) within a financial institution.
- Previous experience serving in a Governance/Risk/Compliance/Audit function, ideally in a leadership role and with a large firm
- Effective advisory and collaboration skills, and ability to drive consensus
- Advanced understanding of the IT process (developing, delivering, supporting technology) and associated grasp of Technology Risks and Controls
- Logical and organized problem solver
- Effective written and verbal communication skills.
- Critical/strategic thinker (able to look at something strategically and think risk, efficiency, cost, etc. – big picture ‘so what’ analysis and can execute what’s needed to help support the effort)
- Process-oriented mindset and able to tell a story leveraging data
- Time management/organized/ability to prioritize
- Managerial courage and ability to effectively interact with various levels of leadership
- In-depth knowledge of risk management processes and principles, including experience assessing risks, analyzing testing results and developing remediation plans
- Strong preference for recognized industry certification such as ISACA CRISC/CISA/CISM, ISC2 CISSP/SSCP, or similar. Where these certifications are not possessed at the time of hire, the candidate will be expected to obtain certification within a 12-month period
- Experience working in the Financial Services industry
- KPI/KRI metrics and reporting experience
Benefits
- health insurance coverage
- wellness program
- life and disability insurance
- retirement savings plan
- paid leave programs
- paid holidays
- paid time off (PTO)
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Data/Operations Analyst analyzing insider and cyber risks for SMBC. Utilizing data analytics and reporting to enhance cybersecurity measures in a hybrid work environment.
Lead Data Governance & Data Quality team for Insider Risk. Analyzing data sources and developing quality metrics while collaborating with cross - functional teams.
SG
Executive Director leading Treasury Risk Management group for SMBC in the Americas. Responsible for Interest Rate Risk and Portfolio Mark - to - Market Risk Oversight with extensive collaboration and leadership.
Head of Liquidity Risk Oversight managing a team for SMBC's Treasury Risk Management. In charge of liquidity risk for the Americas region overseeing a $300B balance sheet.
Manager, Third Party Risk Assessment leading assessments of suppliers’ information security practices. Collaborating across teams to drive operational excellence in a global financial services organization.
Senior Consultant at Truist overseeing governance programs with focus on marketing strategy and operational efficiencies. Collaborating with division leadership, advising on compliance and risk management, within the financial services sector.
Vice President managing Technology and Operational Resiliency Risk at USAA. Overseeing risk management programs ensuring compliance with regulations and alignment with strategic objectives.
Business Risk Manager supporting risk management practices at State Street, overseeing execution of business line risk management and compliance within the Middle East.
Manage risk management function for business unit at M&T Bank, overseeing risk assessments and team functions. Lead compliance with risk policies and ensure proper identification of risks.