דרושים Controls Technician ב-United States, Ohio, Columbus

• Bachelor's degree in Computer Science, Engineering, a related field, or equivalent practical experience.
  
• 6 years of experience in telecommunications at carrier scale working with optical network infrastructure, transmission systems, layer2/3 routers, and data services.
  

• 10 years of experience in telecommunications infrastructure, deployment or design of networks in data centers, huts and colocation facilities managed by third party vendors.
• Experience with driving best practices and quality standards around hyper-scale fiber deployments.
• Understanding of networking at both Layer1 and Layer 3 as well as fiber infrastructure engineering.
• Understanding of inside and outside plant fiber operations.
• Understanding of managing installation quality programs.

As a Technology Risk & Controls Lead in the BASS Infrastructure Platforms team, you will be responsible for identifying, and mitigating compliance and operational risks in line with the firm's standards. You will also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry standards. By partnering with various stakeholders, including Product Owners, Business Control Managers, and Regulators, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business.

Job responsibilities

• Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations.
• Develop and maintain robust relationships, becoming a trusted partner with LOB technologists, assessments teams, and data officers to facilitate cross-functional collaboration and progress toward shared goals.
• Execute reporting and governance of controls, policies, issue management, and measurements, offering senior management insights into control effectiveness and inform governance work.
• Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance.
• Prepare regular governance reporting materials on the state of the control environment.
• Investigate and respond to metrics, triggers and alerts which may indicate a potential control issue.
• Review standards and controls against regulatory requirements and industry practices.
• Partner with stakeholders from across the bank to assist in their execution of various technology risk management processes.

Required qualifications, capabilities, and skills:

• 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation.
• Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements
• Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies.
• Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives.

Preferred qualifications, capabilities, and skills

• An understanding of Enterprise Risk Management practices in a technical environment.
• Technical and operational understanding of financial services regulations.
• Proficient in IT Service Management (ITSM) with experience in using ServiceNow.
• Working knowledge and experience in various technologies, i.e. network, Stratus platform infrastructure, Oracle DB, Citrix, architecture, and/or engineering practices.
• Ability to manage multiple tasks while maintaining high delivery standards, incorporating risk and controls, and engaging in technical discovery beyond the current implementation.
• CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred.

• Associate's degree, trade school certification, or other certified training in a related technical field, or equivalent practical experience.
• 5 years of generator experience (e.g., generator inspection, maintenance, and operations) in an industrial or commercial environment.
• Ability to participate in material handling tasks such as lifting, carrying or moving up to 50 lbs of equipment, the required use of OSHA standard safety equipment such as limited weight bearing work platforms, ladders, step stools and personal protective equipment (PPE) like safety harnesses.
• Ability to work non-standard hours and work rotations/shifts.

• 5 years of experience in maintenance of generator systems or construction/technical environment or a related field.
• Experience in data centers, hospitals, or power plants.
• Knowledge of generator systems used in a data center environment (e.g., engines, alternators, control panels, and electrical systems, etc.).
• Knowledge of meters, devices, sensors, and troubleshooting utilizing standard hand tools, digital metering, or calibration/diagnostic equipment.
• Ability to communicate with contractors who perform maintenance or upgrade work on the data center systems.

• Experience with assembly of mechanical or electrical systems, or performing component-level repairs and troubleshooting on technical equipment.
• Experience diagnosing and troubleshooting one of the following: operating systems, computer/server hardware, or networking protocols.
• Ability to lift/move 50lb (23kg) of equipment and ability to exert yourself physically over extended periods of time, including frequent bending, kneeling, climbing, pushing/pulling and lifting.
  
• Ability to work non-standard hours, including working weekends, night shifts, holidays and on shift-based schedules as required.

• Bachelor's degree or equivalent practical experience.
• Completion of the online Google IT Support Professional Certificate program.
  
• 2 years of experience diagnosing and troubleshooting one of the following: operating systems and computer/server hardware or networking protocols.
  
• Experience working within a data center or network operation center environment.
  
• Experience with performing component-level repairs and troubleshooting on IT equipment or in a similar role (e.g., Systems Administration, Network Deployment Engineer, Help Desk Technician, etc.).
• Ability to collaborate and partner with teams to overcome issues, and to adapt to changes in a dynamic work environment.

As a Tech Risk & Controls Lead in the Cybersecurity and Tech Controls line of business, you will be responsible for identifying, and mitigating compliance and operational risks in line with the firm's standards. You will also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry standards. By partnering with various stakeholders, including Product Owners, Business Control Managers, and Regulators, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Your advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape.

Job responsibilities

• Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations
• Develop and maintain robust relationships, becoming a trusted partner with LOB technologists, assessments teams, and data officers to facilitate cross-functional collaboration and progress toward shared goals
• Execute reporting and governance of controls, policies, issue management, and measurements, offering senior management insights into control effectiveness and inform governance work
• Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance
• Manage end-to-end execution of the CTC Compliance and Operational Risk Evaluation (CORE) Process, Risks & Controls, including oversight for control deficiencies and issue management/resolutions
• Lead and provide risk and control advisory support and targeted reviews for issue root cause analysis and action plans to ensure resolutions are sustainable and aligned to the organization’s strategic goals
• Ensure accurate monitoring, transparent reporting and issue/risk escalation with leaders and partners
• Ensure compliance with firmwide Compliance and Operational Risk Issue Management standard and procedure
• Identify, escalate, and implement solutions for operational process improvements

• Collaborate with stakeholders in a consulting role to add value and address unresolved critical problems

Required qualifications, capabilities, and skills

• Formal training or certification in risk and controls, and 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation
• Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements
• Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies
• Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives
• Experience in one or more of the following: technology risk management processes, IT Risk Management Frameworks, internal controls and compliance
• Strong executive communication skills, the ability to influence direction, negotiate, and collaborate with others
• Demonstrated critical thinking, analytical, and problem-solving skills
• Ability to adapt to changing priorities in a fast-paced, collaborative, team-oriented and cross-functional environment
• Proven abilities as a self-motivated and confident decision-maker with the ability to lead, challenge and influence change
• Ability to synthesize data quickly and communicate analysis succinctly and professionally
• Proven ability to manage operational programs, meet strict deadlines, and drive process improvements

Preferred qualifications, capabilities, and skills

• CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred
• Proficient in Microsoft Office Suite (Word, Excel, PowerPoint, Teams, Visio)

As a Tech Risk & Controls Manager in Identity and Access Management, you will be responsible for identifying, and mitigating compliance and operational risks in line with the firm's standards. You will also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry standards. By partnering with various stakeholders, including Product Owners, Business Control Managers, and Regulators, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Your advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape.

Job responsibilities

• Develop and maintain robust relationships, becoming a trusted partner with Identity Access Management (IAM) technologists, audit, assessments teams, and partner LOBs to facilitate cross-functional collaboration and progress toward shared goals
• Ensure effective identification, quantification, communication, and management of technology risk and controls, focusing on resolution recommendations and root cause analysis
• Execute reporting and governance of controls, policies, issue management, audit and regulatory activities and measurements, offering senior management insights into control effectiveness and inform governance work
• Proactively monitor and evaluate IAM control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance
• Facilitating and reviewing responses for Requests for Information (RFI’s) for (IAM) products
• Implement and where needed establish governance processes to reduce risk from failed internal processes, inadequate identification of risks, inadequate controls, and emerging risks
• Establish and oversee adherence to policies and standards impacting technology and cyber risks and identify and aggregate thematic risks and trends.
• Maintain an understanding of Product teams strategies, product roadmaps and key investment programs and be able to speak to high level design documents relating to the controls executed by individual IAM teams
• Apply working experience in multiple security or risk management domains (e.g., access management, application security, vulnerability management, data protection, encryption, logging and monitoring, network security) with a primary focus of Identity and Access Management
• Assess and document technology risks, effectively identifying and suggesting appropriate remediation plans
• Identify and assist with implementing process improvement throughout the risk and control organization.

Required qualifications, capabilities, and skills

• 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation
• Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements
• Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies
• Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives

Preferred qualifications, capabilities, and skills

• CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred
• Experience working in regulated industries, in particular leveraging technology standards, frameworks, compliance, and industry recognized best practice/standards (e.g., ITIL, NIST, ISO, PCI, SOC)
• Collaboration with internal and external technology audits (3^rdLine of Defense), Operational Risk Management deep dives and testing (2^ndLine of Defense), and the ability to advocate on behalf of subject matter experts
• Experience working with tools such as FARM, CORE, Archer, Verum are preferred.

As a member of our Tech Risk & Controls organization in Cybersecurity and Technology Controls, you will play a pivotal role in shaping and implementing the firm's technology risk management strategy. Leveraging your advanced knowledge and expertise in technology-risk disciplines, you will identify, oversee, and mitigate compliance and operational risks in line with the firm's standards. You will collaborate with various stakeholders, including Product Owners, Business Control Managers, and regulators, to develop and maintain a comprehensive view of the technology risk posture and its impact on the business. Your ability to make calculated decisions, manage large teams, and drive strategic projects will be crucial in ensuring the firm's adherence to regulatory obligations and industry best practices. Your work will contribute to the long-term success and resilience of the organization in an ever-evolving technology landscape.

We are seeking an experienced and dynamic Governance, Risk, and Compliance (GRC) professionals to for our Tech Risk & Controls initiatives within the technology domain. The successful candidate will be responsible for developing and implementing strategies to manage risks, ensure compliance with regulatory requirements, and uphold the highest standards of corporate governance. This role requires a visionary talent with a deep understanding of the technology landscape and a proven track record inrisk management frameworks, industry standards, and regulatory requirements.

Job responsibilities

• Develop and implement technology risk management strategies, policies, and processes to identify, assess, and mitigate risks, and drive strategic projects and initiatives to enhance the firm's technology risk management capabilities, in line with industry best practices and the firm's standards and regulatory requirements
• Identify and escalate emerging and upstream technology risk through execution of the Firm’s management framework tools, including risk event management, reporting, and action plan tracking, and provide expert counsel to stakeholders and constituents regarding their security obligations, facilitating acceptable outcomes
• Establish and maintain strong relationships with internal and external stakeholders, including key cross-functional team leads, regulators, and auditors, to ensure compliance with legal, regulatory, and industry standards
• Manage reporting and governance of overall controls, policies, issue management, and measurements, etc., providing insight to senior leaders into effectiveness of controls and inform governance work
• Strategic Leadership:
  • Develop and execute a comprehensive GRC strategy aligned with the company's business objectives and regulatory requirements.
  • Contribute to the leadership and direction to the GRC team, fostering a culture of integrity, accountability, and continuous improvement.
• Risk Management:
  • Identify, assess, and prioritize risks across the organization, particularly those related to technology and cybersecurity.
  • Implement risk mitigation strategies and monitor their effectiveness, ensuring that risks are managed within acceptable levels.
• Compliance Oversight:
  • Ensure compliance with all relevant laws, regulations, and industry standards, including data protection and privacy regulations.
  • Develop and maintain policies and procedures to support compliance efforts and conduct regular audits to assess adherence.
• Governance Framework:
  • Establish and maintain a robust governance framework that supports effective decision-making and accountability.
  • Collaborate with senior leadership to integrate GRC considerations into strategic planning and operational processes.
• Stakeholder Engagement:
  • Serve as the primary point of contact for regulatory bodies, auditors, and other external stakeholders on GRC matters.
  • Communicate GRC initiatives and outcomes to the board of directors, executive team, and other key stakeholders.

Required qualifications, capabilities, and skills

• Formal training or certification on the technology risk & controls and information risk management fields
• Demonstrated expertise in risk management frameworks, industry standards, and regulatory requirements relevant to the financial industry
• Proven ability to manage cross-functional projects, influence executive-level strategic decision-making, and effectively translate technology insights to business strategy in communications with senior executives
• Advanced knowledge and experience in data security, risk assessment & reporting, and control evaluation, design, and governance, with a track record of implementing effective risk mitigation strategies
• Experience in using common technology controls industry best practice (e.g., from NIST, ISO, ISACA,SOX, SOC1/2, ITCG, GDPR etc.) frameworks
• Strong working knowledge of common & current information technology implementations
• Inquisitive nature and comfort challenging current practices; proven track record of driving ideas forward and influencing
• Adept at developing relationships with senior business executives; reputation for partnering across organization lines to mitigate risks
• Strong organizational, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results
• Ability to collaborate with high-performing teams and diverse stakeholders to accomplish common goals, including

Preferred qualifications, capabilities, and skills

• Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC) are a plus.