The US Banks are seeking a Lead Independent Risk Management Executive for Information Technology and Security risk – a newly created role. The Banks’ technology, information security and cyber risk management needs are serviced by the Firm and, as such, the role requires strong interpersonal skills to develop and maintain strong relationships with all stakeholders.
Watch: Career Advice
Primary Responsibilities
Key responsibilities include:
-Lead the Information Technology and Information Security Independent Risk Management Function;
-Establish, maintain and oversee the Technology and Information Security Risk Governance Framework and associated policies and standards;
-Ownership of the testing framework, and oversight of the testing programs;
-Create, update, ensure compliance with, and educate the Banks and Firm Stakeholders on the IT and Information Security Policy, including as it applies to information technology suppliers;
-Ensure that the risks in the US Banks are well known and understood by both self and the risk leadership;
-Ensure Key Risk Indicators (KRIs) and thresholds are appropriate for the Technology and Cyber Risk including at the monitoring level, and the Risk Governance Framework level.
-Evaluate Resourcing Requirements to address the enhanced Framework;
-Chair the Bank Technology and Security Risk Management Committees;
-Represent the US Banks on all Technology Related Firm Committees;
-Provide updates to the quarterly IRM Risk Assessment for Both US Banks, including an aggregated, independent view of enterprise-wide technology and information security risk;
-Oversee the implementation of the Information Technology and Information Security Enhancements;
-Oversee and challenge the annual process for self-assessment of risk;
-Provide monthly and quarterly risk reporting;
-Participate in Operational Reviews such as the Weekly Incident Review Meeting;
-Build strong positive relationships with the broader Risk community in first line Technology; and,
-Monitor industry developments in the management of IT infrastructure risk.
QUALIFICATIONS
Skills required (essential)
Skills
-Expertise in understanding of technology concepts and terminology (aptitude and working knowledge of distributed computing environment preferred with regards to impact on financial performance);
-10+ years of experience in Leadership for Technology organizations;
-Strong communication / interpersonal skills to be able to interact at all levels & be effective as part of a broader team of Firm, Bank Management and Risk professionals;
-Ability to formulate & deliver senior management level presentations;
-Risk related experience within Cyber Risk and Information Technology;
-Ability to draft high quality written products that are comprehensive, accurate, and tailored to the audience;
-Excellent oral and written communication skills, as the role involves a high amount of interaction with senior management across multiple divisions, including Business, Technology, Firm Control organizations (e.g. Compliance & Legal);
-Strong analytical and problem-solving skills;
-Proficiency in MS Office and related applications (Word, Excel, Powerpoint, Access, Visio, Project);
-Self-starter with a can-do approach;
-Excellent influencing skills; and
-Accurate, tenacious and delivery focused mind set with good attention for detail.
Education
-Graduate Degree
Qualities
-Good use of initiative, judgement and decision making;
-Strong multi-tasking skills - flexible and adaptive to change and willing to learn and manage a broad range of tasks;
-Basic business knowledge and interest - demonstrates willingness to learn about the business and the projects;
-Flexible in tasks and working hours;
-Self-starter able to complete role with minimal supervision, paying close attention to detail;
-Pro-active: identifies other “value-add” areas. Identifies areas for improvement and suggests solutions; and
-Industry Certifications a plus.
Send To A Friend
Posts
