Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

Truist IAM Process Control Effectiveness Senior Director 
United States, North Carolina, Charlotte 
864566390

29.08.2024

Regular or Temporary:

English (Required)

1st shift (United States of America)A prescriptive role that is responsible for leading a highly complex, high-risk, critical, and broad-reaching capability that must be accomplished with ownership and influence. This requires transparency, proactiveness and advocacy to identify, inventory, communicate, monitor, mitigate and evidence solutions for IAM risk. This includes a subset of the following sub-functions: a) governance b) risk and c) compliance.


ESSENTIAL DUTIES AND RESPONSIBILITIES
Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

  • Align with IAM-wide priorities that define ‘our what’ that may change based on business need

  • demonstrate‘our how’ IAM works:

  • set expectations, hold teams accountable, check-in and provide feedback

  • Remove ‘IAM Blinders’: take a Truist-wide approach to owning and resolving challenges

  • Management System:establish

  • Continuous Improvement: consistently seeking ways to get bette

  • Oversee strategic andcomplianceplans in support ofIAMbusinessobjectivesincluding developingcross-departmental, cross-CCS and cross-ET&O business cases to solve problems

  • Design and implement the governance, risk, and compliance (GRC) strategy on time and within budget:

  • Formal Services Level Agreements (SLAs)

  • Expand upon existing IAM policies, standards, controls, key risk indicators, key performance indicators and metric reportingto build out mature regulatory compliance arm of Access Management

  • Provide subject matter expertise on regulatory rulings such as FFIEC, SOX, NYDFS, GLBA to ensure compliance is properly incorporated for IAM processes such as:a) request b) provisioning c) deprovisioning d) normal access e) privileged access f) attestations g) identity governance administration h) identify management platformsi) production support j) authentication k) authorization and l) cloud

  • Enables the cross-CCS needs of Architecture, Cyber Assurance, Cyber Defense and GRC

  • Accounts for the business needs for all lines of business and ET&O partner organizations, which includes, but is not limited to, Consumer, Wholesale, Insurance, Corporate Functions, Enterprise Data and Operations

  • Alignment with the CCS GRC, Business Unit Risk Management, Technology Risk, Truist Audit Services and Regulatory Relations, as well as the needs of the lines of business that they support

  • Engagement with Corporate Communications and Human Resources to enable teammate and contract worker adoption and adherence to the core elements needed to protect the bank

  • Support of other functionsseekingto improve their risk posture

  • Engagement model for partnering with Divisional CISOs to drive effectiveness and efficiency

  • Proactively engage with stakeholders to make them aware and willing to adopt our solutions, which includes managing up, out, and down to avoid surprises and position our solutions to be successful.

QUALIFICATIONS


The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Required Qualifications:

  • Bachelor’s degree or equivalent

  • 20 years’ technical experience working in the GRC control function

  • 10 years’ experience as a senior manager

  • 15 yeas’ experience in strategic planning, operational planning, and execution

  • 10 years managing simple and structured work

  • 15 years managing complex and unstructured work

  • 5 years’ experience leading diverse teams, such as teammates, contract workers, onshore, offshore resources, and/or managed services

  • 5 years’ experience and intermediate-level technical knowledge of product knowledge and processes for specific IAM areas (e.g., Active directory, RACF,Idaptive, CyberArk, PRIVA, Oracle OIM, Persistent Ignite)

  • 5 years’ experience and basic functional knowledge of tools and processes for the broader IAM capability

  • 10 years’ experience and expert-level strength in soft skills and interpersonal communications

  • 15 years’ technical experience working for a top 10 US bank

  • 15 years’ experience collaborating with the following functions: a) infrastructure b) application development c) application support d) business unit risk management e) technology risk f) audit and g) external auditors

  • 15 years’ experience collaborating with the following peer functions in corporate cyber security

  • 15 years’ experience managing the remediation of regulatory matters and internal findings

  • 5 years’ experience in strategic planning and applying industry best practices to operations (NIST, FFIEC)

Preferred Qualifications:

  • Experience in defining policies, standards, controls, key risk indicators, key performance indicators and metric reportingto build out mature regulatory compliance arm of Access Management

  • Experience in regulatory rulings such as FFIEC, SOX, NYDFS, GLBA

  • Experience in preparing and presenting executive level

  • ing of translatingtechnical solutionsinto senior level communications

  • Experience in waterfall and agile project management methodologies

  • A, CISM or other professional designation slated to risk management for Information Security