Locations: Texas, Florida, New Jersey, New York or Boston
Must have solid AWS or Azure experience can come from a banking environment
Summary
The primary responsibility is supporting the Chief Information Risk Officer in providing risk oversight of the control environment in the First Line of Business (this role sits in the 2nd Line of Defense). The project is focused on implementing a cloud-based digital bank across the enterprise impacting technology and business operations.
The role will be part of a dedicated team and execute against Information Risk Management strategy and conduct independent risk assessments/review and challenge on technology, fraud, payments, and third-party projects/processes/controls for a new digital bank platform being deployed both on-prem and in the AWS cloud. This role is expected to be able to lead assessments, identify and assess risks, document findings and opinions, and report and escalate as necessary to executive management or corporate risk partners. This role will need to work in close partnership with all lines of internal risk management peers including other first line of defense teams, corporate risk functions and internal audit. This role requires a combination of financial services (ideally US banking) risk management and cloud technology experience and expertise.
Responsbilities
Day to day responsibilities in your IRM role will include:
Identifying risks and requirements related to regulations and policies.
Mapping risks and requirements to product functionality and processes
Reviewing configuration, controls and mitigation activities against risks
Assessing testing designs and approach and review test result output
Preparing materials for risk and compliance governance meeting review and signoff
General IRM responsibilities include:
Manage delivery timelines and develop materials to ensure IRM independent opinion appropriately represented during committee meetings, external exams and internal audits.
Ensure all activities and deliverables achieve their timeliness, quality and accuracy service levels.
Help keep CIRO informed on status of program execution and emerging risks.
Ensures a sound operational and compliance control environment through establishment of a system of internal controls.
Continuously monitor sources of risk within LOB KRIs, KPIs, QC functions, control testing, losses, fraud, incidents, and industry events. Identify control and policy/procedure updates.
Drive, track and report on issue identification and remediation.
Support process for constructive engagement with the Second and Third Lines of Defense regarding differences or conflicts in operational risk appetite, risk metric determination or evaluation, issue severity or other areas of dispute.
Required Skills
Education: bachelor’s degree or equivalent work experience in Accounting, Business, Statistics, Risk Management, Information Systems/Security, Finance, Economics or equivalent field.
5+ years of Technology Risk Management, GRC, or Audit experience
Practical experience using industry frameworks such as COBIT, ITIL, NIST 800-53, CSA-CCM v4, Fed Ramp, CIS Benchmarks, to identify, assess, mitigate, and report information and operational risk.
Minimum 2+ yrs. of Cloud experience (adoption, implementation) in AWS, Azure, (AWS preferable).
Experience working directly in one or more of these Cloud domains - Solutions Architect, DevOps, SysOps, or Data Engineering – is highly desirable. Should have working knowledge of services such as (or equivalent to) AWS EC2, API Gateway, CodeCommit, CodePipeline, Lambda, S3, RDS, VPC, ELB, Route53, Auto-Scaling, IAM through AWS Console, and CloudFormation.
Fundamental understanding of Cloud architectures, controls and risks from hands-on practical experience is a must.
AWS-Certified Cloud Practitioner foundational certification (or equivalent for other Cloud platforms), higher certification levels a strong plus.
Demonstrated knowledge of operating in a regulated entity, preferably a bank
Drive results and meet deadlines to reduce risks in a fast-paced environment with minimal supervision.
Analyze highly complex business issues and produce results, opinions and recommendations that are conveyed in an easy-to-understand manner.
Strong ability to lead, partner, and influence across all leadership levels.
Excellent communication skills, including an ability to influence stakeholders across the organization, to speak effectively in small and large-group settings, and to write clearly in internal memos, presentations and e-mails.
Strong attention to detail in a fast-paced work environment.
Fully accountable for timeliness, completeness, quality of projects, processes, products and services
Remains calm and focused on goals while facing pressures, obstacles or short-term setbacks.
Keeps up to date with external market events, pressures and regulations which may impact the organization and assesses whether similar issues exist in the organization.
Monitors adherence to policies, regulations, processes and procedures within function and actively undertakes corrective action where necessary.
Understands end to end processes across the organization and how processes are integrated.
Seniority level
Mid-Senior level
Employment type
Contract
Job function
Finance and Sales
Industries
Software Development
Referrals increase your chances of interviewing at Steneral Consulting by 2x