DescriptionWe are looking for a Technology Risk & Controls Manager (individual contributor) for our Cybersecurity & Technology Controls (CTC) organization to analyze, consolidate and report on trends/metrics suitable for consumption at varying levels of technical and risk understanding, as well as all levels of management, including external regulators. The successful candidate will need to be able to understand and articulate cyber and technological risks and work with technical and non-technical control owners to derive actionable and measurable remediation tasks.
This role is an opportunity to work with a diverse collection of stakeholders within an exciting technical environment at the leading edge of digital banking and propel your knowledge and experience.
Responsibilities:
- Support/Own the definition and maintenance of the technology risk and control environment for the line of business
- Assess the effectiveness of technology controls against requirements and policy statements
- Support and co-ordinate responses to 2LOD, Audit, Regulator & Customer requests for information on control obligations
- Analyze and report on compliance of cyber and technology controls against LOB (Lines of Business), Firmwide and Regulatory Standards
- Maintain relationships with stakeholders to facilitate oversight and effectiveness of the technical control environment
- Support/Own reporting products used to ensure stakeholders are kept appraised of the performance of the technology control environment
- Validate that business Key Risk Indicators are accurately captured & included in prioritization activities
Skills/ Qualifications:
- An understanding of Enterprise Risk Management practices in a technical environment
- Technical and operational understanding of financial services regulations
- Self-motivated and with a desire to learn
- Ability to operate on multiple tasks whilst still achieving high delivery standards
- Technical Understanding of Cloud and on-prem computing (Public/AWS, Private, Hybrid)
- Collaborative, team oriented, strong communication skills
- CISSP (Certified Information Systems Security Professional) or equivalent experience
- CRISC (Certified in Risk and Information Risk Controls)
