As a Technology Operational Risk Management Lead, you will be responsible for analyzing and identifying technology and cyber operational risks within the Consumer and Community Banking (CCB) line of business. In addition to control evaluation and risk assessment activities, you will work closely with CCB Business Operational Risk teams, CCB Technology leadership, and Technology Risk Control teams to drive execution of operational risk management framework procedures. You will need to be an experienced technologist that understands Cybersecurity and Technology risks, controls, and assessment methodologies. You will also participate in efforts to develop data-driven and automated testing approaches to risk identification and control assessment as well as have significant technology and business facing activities in this role.
Job Responsibilities
- Understand the key processes and controls performed within Consumer and Community Banking Technology
- Perform independent assessment of Cybersecurity risks on Consumer and Community Banking Technology through CCOR’s monitoring program.
- Manage identified risks using firm’s Operational Risk Management Framework
- Participate and challenge first line control designers and operators.
- Conduct Testing and Monitoring and identify operational risk control gaps.
- Develop and/or challenge KPIs / KRIs related to these risks through effective monitoring activities.
- Advise internal 2LoD teams of thematic monitoring and testing deficiencies.
- Manage book of work assessments impacting CCB and produce weekly status updates.
- Participate in firm-wide global initiatives to analyze impact to the firm.
Required Qualifications, Capabilities, and Skills
- 7+ years of experience with infrastructure/application architecture.
- 5+ years in a senior technology role (engineering, operations, or strategic planning)
- 5+ years of Cybersecurity and Technology risk working experience.
- Ability to understand complex technical systems, the business processes they support and synthesize the corresponding risks and controls.
- Knowledge of second line risk management (operational risk and compliance) practices
- Ability to seamlessly transition between business and technical discussion.
- Strong organizational and multi-tasking skills with demonstrated ability to manage expectations.
- Excellent verbal and written communication skills, including the ability to present concise findings in a persuasive manner to a senior audience.
- Able to develop constructive relationships with functional partners.
- Deadline driven; delivering results with limited supervision.