Purpose of Job
Provides risk management support for a line of business or staff agency in key risk identification, measurement and aggregation, and the understanding and management of risk through appropriate practices and processes. Assesses and mitigates enterprise and business exposures through the identification of key and emerging risks and evaluates alignment with risk strategy and appetite. Monitors the risk and control environment to ensure that exposures are kept at acceptable levels and may consult on risk mitigation plans. Leads and executes complex initiatives and cross functional teams within the Chief Risk Office and across the Enterprise that drive problem resolution. Leverages broad enterprise knowledge and/or expert knowledge of core business discipline(s), products and processes.
- Identifies and seeks key stakeholders across the enterprise to support the identification, assessment, aggregation and the overall management of risks and controls.
- Presents findings and recommendations to various levels of leadership.
- Routinely communicates results of risk assessments to governance committees, business process owners and various levels of leadership and influences decision making.
- Develops process and procedures for successful implementation of new risk policies, practices, appetites and solutions to ensure holistic understanding and management of risks according to industry best practice.
- Develops strategies, tools, and methodologies to measure, monitor, and report risks.
- Applies expert knowledge to utilize or produce analytical material for discussions with cross functional teams to understand business objectives and influence solution strategies.
- Leads, assembles and facilitates cross-functional teams to identify, assess, aggregate and mitigate current and emerging risk events.
- Serves as the point of contact for senior risk leadership on projects and special management requests that often impact the enterprise or core operating area.
- Formulates and reviews stress test plans for a line of business or the enterprise.
- Evaluates results, and frames contingency plans in partnership with key business stakeholders.
- Crafts key communications to be delivered to executives and board members.
Bachelor's degree in Risk Management, Business, Finance, or a related field required.
4 additional years of related experience beyond the minimum required may be substituted in lieu of a degree.
8 or more years of risk management or 8 years operations experience in a relevant functional area to include banking, insurance, financial services, audit, project management, public accounting or other related operational area.
Or advanced degree or designation in a quantitative discipline relevant to risk management and 6 or more years relevant risk management work experience.
- 8+ years experience in IT risk management within a large financial institution focused on assessing information systems and technology risks and controls, with a demonstrated background in applying risk & control, security and technology principles
- Possess related industry certifications, such as CISA, CISSP, ITIL, CIA, CRISC, CGEIT or CRMA
- Experience working with Risk, Security or Audit frameworks (FFIEC, COBIT, COSO, ISO 27001/2, NIST 800-53, SSAE16)
- Experience in the following:
  - Evaluating IT Architecture design for infrastructure, virtualization, cloud technology and business technology architecture for financial institutions
  - Assessing software development life cycle processes
  - Agile execution utilizing scrum partners
  - Evaluating middleware technologies (e.g., Websphere) and infrastructure platforms (e.g., delivery infrastructure, application programming interface (API)), native mobile and cloud platforms (e.g., Salesforce)
  - Monitoring and deploying software solutions for large financial and insurance institutions