As a Tech Risk & Controls Senior Associate in Corporate and Investment Bank Resiliency Management, you will contribute to the successful management of technology-aligned aspects of Governance, Risk, and Compliance in line with the firm's standards. Leverage your broad knowledge in risk management principles and practices to assess and monitor risks and implement effective controls. Your role in risk identification, control evaluation, and security governance is crucial in advising on complex situations and enhancing the firm’s risk posture. Through collaboration and analytical skills, you will contribute to the overall success of the Technology Risk and Services team and ensure compliance with regulatory obligations and industry standards.
Job responsibilities
- Drives and organizes technology projects and programs, such as technology refresh from provisioning, through build, to testing and implementation.
- Understands technology controls and requirements for application cyber and data security.
- Understands application and data architecture including but not limited to multi-tier and hybrid application architecture; data consumption, processing, and backup strategy; datacenter and placement strategy; foundation/support services.
- Provides management summaries and understand the importance of accuracy.
- Solves problems through your own initiative and helping other teams solve their problems.
- Learns and explores new technologies and provide technical guidance/expertise.
- Understands and processes regulatory directives and translate them into technology application controls and requirements.
- Develops consensus within a matrix-managed organizational climate of diverse development and operational activities.
- Holds oneself and others accountable for achieving high levels of individual and organizational performance.
- Strives to be an efficient team member, ensuring progress is reliable, measurable, and meaningful.
Required qualifications, capabilities, and skills
- 3+ years of experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on risk identification, assessment, and mitigation – You can’t add or change this line per compliance or add education as required.
- Experience in software engineering, infrastructure, production management and/or site reliability engineering in one of the following languages: C, C++, Java J2EE technology stack and web technologies /, Python, Go, Perl, Ruby and/or shell scripting (Unix/Linux)
- Hands-on experience with deployment, monitoring, and ops analysis tools such as Kubernetes, GAIA, Public Cloud etc.
- Hands on experience on managing operations and troubleshooting service issues in large scale internet-centric production environments.
- Understanding of Network and Cloud Technologies, i.e., Security, Load Balancing, and Network Routing Protocols
- Experience working with Architecture teams in designing reusable patterns, provide governance around adoption, and influence software engineering teams on roadmaps.
- Ability to work collaboratively in teams and develop meaningful relationships to achieve common goals.
Preferred qualifications, capabilities, and skills
- CISM, CRISC, CISSP, or other industry-recognized risk and risk certifications preferred