מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר
Regular or Temporary:
English (Required)
1st shift (United States of America)A prescriptive role that is responsible for leading a highly complex, high-risk, critical, and broad-reaching capability that must be accomplished with ownership and influence. This requires transparency, proactiveness and advocacy to identify, inventory, communicate, monitor, mitigate and evidence solutions for IAM risk. This includes a subset of the following sub-functions: a) governance b) risk and c) compliance.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.
Align with IAM-wide priorities that define ‘our what’ that may change based on business need
demonstrate‘our how’ IAM works:
set expectations, hold teams accountable, check-in and provide feedback
Remove ‘IAM Blinders’: take a Truist-wide approach to owning and resolving challenges
Management System:establish
Continuous Improvement: consistently seeking ways to get bette
Oversee strategic andcomplianceplans in support ofIAMbusinessobjectivesincluding developingcross-departmental, cross-CCS and cross-ET&O business cases to solve problems
Design and implement the governance, risk, and compliance (GRC) strategy on time and within budget:
Formal Services Level Agreements (SLAs)
Expand upon existing IAM policies, standards, controls, key risk indicators, key performance indicators and metric reportingto build out mature regulatory compliance arm of Access Management
Provide subject matter expertise on regulatory rulings such as FFIEC, SOX, NYDFS, GLBA to ensure compliance is properly incorporated for IAM processes such as:a) request b) provisioning c) deprovisioning d) normal access e) privileged access f) attestations g) identity governance administration h) identify management platformsi) production support j) authentication k) authorization and l) cloud
Enables the cross-CCS needs of Architecture, Cyber Assurance, Cyber Defense and GRC
Accounts for the business needs for all lines of business and ET&O partner organizations, which includes, but is not limited to, Consumer, Wholesale, Insurance, Corporate Functions, Enterprise Data and Operations
Alignment with the CCS GRC, Business Unit Risk Management, Technology Risk, Truist Audit Services and Regulatory Relations, as well as the needs of the lines of business that they support
Engagement with Corporate Communications and Human Resources to enable teammate and contract worker adoption and adherence to the core elements needed to protect the bank
Support of other functionsseekingto improve their risk posture
Engagement model for partnering with Divisional CISOs to drive effectiveness and efficiency
Proactively engage with stakeholders to make them aware and willing to adopt our solutions, which includes managing up, out, and down to avoid surprises and position our solutions to be successful.
QUALIFICATIONS
The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Required Qualifications:
Bachelor’s degree or equivalent
20 years’ technical experience working in the GRC control function
10 years’ experience as a senior manager
15 yeas’ experience in strategic planning, operational planning, and execution
10 years managing simple and structured work
15 years managing complex and unstructured work
5 years’ experience leading diverse teams, such as teammates, contract workers, onshore, offshore resources, and/or managed services
5 years’ experience and intermediate-level technical knowledge of product knowledge and processes for specific IAM areas (e.g., Active directory, RACF,Idaptive, CyberArk, PRIVA, Oracle OIM, Persistent Ignite)
5 years’ experience and basic functional knowledge of tools and processes for the broader IAM capability
10 years’ experience and expert-level strength in soft skills and interpersonal communications
15 years’ technical experience working for a top 10 US bank
15 years’ experience collaborating with the following functions: a) infrastructure b) application development c) application support d) business unit risk management e) technology risk f) audit and g) external auditors
15 years’ experience collaborating with the following peer functions in corporate cyber security
15 years’ experience managing the remediation of regulatory matters and internal findings
5 years’ experience in strategic planning and applying industry best practices to operations (NIST, FFIEC)
Preferred Qualifications:
Experience in defining policies, standards, controls, key risk indicators, key performance indicators and metric reportingto build out mature regulatory compliance arm of Access Management
Experience in regulatory rulings such as FFIEC, SOX, NYDFS, GLBA
Experience in preparing and presenting executive level
ing of translatingtechnical solutionsinto senior level communications
Experience in waterfall and agile project management methodologies
A, CISM or other professional designation slated to risk management for Information Security
משרות נוספות שיכולות לעניין אותך