Job was saved successfully.
Job was removed from Saved Jobs.

Sr. IT Risk Manager

NPAworldwide Recruitment Network

Last Updated: 9/30/22

Job Description

Job description:

Sr. IT Risk Manager Tempe, Atlanta, Charlotte, Austin, Boston, Santa Clara

The Sr. IT Risk Manager will play a key role in the ongoing technology transformation journey of the Bank. This position will be responsible for overall assurance of the compliance of enterprise platforms with established security, risk and governance requirements of the Bank. Streamlining existing processes and maximizing automation is a major responsibility for this role, and it includes developing and operationalization programmatic guardrails in collaboration with owners and architects of established and emerging enterprise platforms.

In this role you will interact directly with a cross-functional team of multiple stakeholders across the bank including leadership teams of enterprise Cloud, API and DevSecOps platforms as well as overall enterprise platform governance leadership.

Once Here You Will:

  • Assess existing control frameworks and implementations within enterprise platforms against the security, risk and compliance requirements of the bank
  • Design Controls framework and Controls library for Cloud, API and DevSecOps platforms meeting Industry standards and best practices
  • Provide subject matter expertise to strength controls design and implementation effectiveness
  • Communicate platform control gaps and remediation plan to internal and external stakeholders
  • Implement processes for continuous compliance of enterprise technology platforms against control framework across people, process and technology
  • Partner with technical leadership and architects of enterprise platforms to continuously improve and maximize automation of the controls within the framework
  • Partner with product managers of enterprise platforms to ensure control gap remediation are incorporated into platform delivery roadmaps and prioritized
  • Engage with teams leveraging the platforms to ensure understanding of the risk mitigation provided by controls within the framework and what additionally is required by adopting teams
  • Develop metrics and reporting to provide visibility to leadership and stakeholders on maturity of adoption of the controls framework across enterprise platforms
  • Manage stakeholders and their expectations
  • Effectively communicate ideas and information with peers, management, and customers
  • Serve as a Change Agent and contribute to a culture of continuous compliance
  • Liaison with 1st, 2nd and 3rd Risk LOD
  • Liaison with Modern Platform owners and Application owners to ensure compliance

What Youll Bring:

  • 10+ years of overall industry experience, specifically around cybersecurity, IT risk management, IT audit or compliance
  • 4+ years working experience with cloud platforms (AWS) and DevOps
  • Passion for achieving excellence in delivery, solving complex problems, and taking ownership
  • Expertise in IT operations and security control domains (including application security, change management, disaster recovery, data center operations, information security and networking)
  • Knowledge of, and experience with, financial services regulatory frameworks such as PCI, SOX, FFIEC, CIS20, GDPR, GLBA, CCPA
  • At least one of the following security certifications: CISSP, CISM, PCI-QSA certifications, or Certified ISO27001 Lead Implementer
  • Experience with enterprise IT management frameworks (e.g. COBIT, ITIL)
  • Excellent technical, analytical, problem solving, multitasking, and time management skills with consistent attention to detail
  • Ability to effectively learn, communicate and use new processes, concepts, tools, and methodology to support the needs of the business
  • Strong interpersonal skills, with the ability to work across functional lines and at many levels
  • Excellent presentation (written and verbal) communication skills. Ability to effectively communicate technical issues and solutions to all levels of business
  • Ability to effectively share technical information and train and mentor less experienced or knowledgeable team members

Qualifications:

  • 10+ years of overall industry experience, specifically around cybersecurity, IT risk management, IT audit or compliance
  • 4+ years working experience with cloud platforms (AWS) and DevOps
  • Passion for achieving excellence in delivery, solving complex problems, and taking ownership
  • Expertise in IT operations and security control domains (including application security, change management, disaster recovery, data center operations, information security and networking)
  • Knowledge of, and experience with, financial services regulatory frameworks such as PCI, SOX, FFIEC, CIS20, GDPR, GLBA, CCPA
  • At least one of the following security certifications: CISSP, CISM, PCI-QSA certifications, or Certified ISO27001 Lead Implementer
  • Experience with enterprise IT management frameworks (e.g. COBIT, ITIL)
  • Excellent technical, analytical, problem solving, multitasking, and time management skills with consistent attention to detail
  • Ability to effectively learn, communicate and use new processes, concepts, tools, and methodology to support the needs of the business
  • Strong interpersonal skills, with the ability to work across functional lines and at many levels
  • Excellent presentation (written and verbal) communication skills. Ability to effectively communicate technical issues and solutions to all levels of business
  • Ability to effectively share technical information and train and mentor less experienced or knowledgeable team members

Why is This a Great Opportunity:

Pioneer in the FinTech space. Bank has grown from $40B in assets to $116B in assets in 3 years during COVID.

Huge opportunity for upward mobility.



Company Details

Grand Rapids, Michigan, United States
NPAworldwide connects you to premier independent recruiting firms located throughout Europe, Asia, Australia, Africa and the Americas. Get connected with members around the world to widen your employer pool, get specialized placements, and find perfect matches -- all at no cost. Our members are placement professionals seeking long-term fits. Working with our recruiters gets you access to relocatio...