September 12
• Conduct comprehensive second line assessments of technology risks, ensuring alignment with organizational risk appetite and regulatory requirements. • Advise on control design and evaluate existing controls and processes to identify potential vulnerabilities and recommend improvements. • Review and assess the effectiveness of control measures implemented by the 1st Line of Defense (operational management) and the global business. • Develop and monitor key risk indicators (KRIs) and control metrics to ensure ongoing risk management and compliance. • Create/update technology policies and standards that ensure compliance with laws, regulations, and industry standards • Collaborate with product, engineering, and cybersecurity teams to enhance incident detection and response capabilities. • Prepare management committee materials (operation and/or risk oversight committee, board) • Prepare and maintain documentation for regulatory reporting and internal audits. • Prepare and present risk and control reports to senior management and stakeholders. • Communicate findings and recommendations effectively to various audiences, including technical and non-technical personnel. • Propose and implement improvements to risk management processes and control frameworks.
• 5+ years of experience in technology governance, risk, and or compliance. • Experience working with technology standards or frameworks such as ITIL, COBIT, NIST, BAIT • Strong understanding of risk management principles • Experience working on remediation projects (new regulation, audit findings) • Enjoy solving hard problems and can turn incomplete, conflicting, or ambiguous inputs into action plans • Previous experience working on global programs to implement coordinated efforts • Experience working within cloud native environments • Ability to leverage data to inform critical decisions and make recommendations • Prior experience working with auditors • Able to manage multiple stakeholders and priorities simultaneously
Apply Now