IAM Risk Advisor-1st LOD

Truist•Orlando, FL

1d•Onsite

About The Position

The Business Unit Risk Advisor II engages with Business Unit leadership in its management of risks and controls as well as its execution of risk program requirements. Execute, facilitate and/or monitor execution of Risk Program requirements (e.g., RCSA, KRIs, etc.). Provide strategic insight, risk advice and influence to assigned Business Unit. Concur with material risk taking by the Business Unit and escalate unacceptable risks. Aggregate, integrate, correlate and report risks for assigned Business Unit. Present risk aggregation, key risks and emerging risks to senior Business Unit Leadership. Identify and opine on remediation to address weaknesses related to inadequate or failed processes, people, and systems, or external events and ensure effective remediation. 1. Provide strategic/tactical challenge & review of risks within the Identity & Access Management (IAM) Business Unit (BU) portfolio for the following: • The identification of existing and emerging risks along with their root causes to senior leadership (BUs and Risk Advisors). • The proposed remediation plans, controls, and key risk indicators (KRIs) which mitigate the overall risk within the BU’s risk tolerance/appetite. 2. Monitor the trends and effectiveness of KRIs and escalate as appropriate to senior leadership. 3. Advise on any new/revised risk policy requirements to ensure they are consistent with the Bank’s risk appetite, regulator expectations, and industry standards. 4. Identify areas of opportunity to improve risk visibility within the BU. Provide direction and guidance in the development of controls and governance mechanisms within the BU. 5. Assist/opine in the development of the Risk Appetite Framework metrics and KRIs within the BU, as well as, those defined by the BU for implementation across Truist (where applicable). 6. Advocate the Bank’s risk culture, compliance with enterprise risk initiatives and promote sound risk management practices. 7. Provide connectivity between the output of risk programs as appropriate by coordinating with stakeholders to resolve highly complex or challenging issues. 8. Execute, facilitate and monitor risk governance mechanisms, including but not limited to, Compliance Risk and Control Self-Assessment (C-RCSA), Risk and Control Self-Assessment (RCSA), key risk indicators, policies, risk committees and other elements of the Enterprise Risk Framework. 9. In conjunction with Compliance Risk Management and Legal, monitor BU adherence to applicable policies, laws and regulations. Job Description For this opportunity, Truist will not sponsor an applicant for work visa status or employment authorization, nor will we offer any immigration-related support for this position (including, but not limited to H-1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN-1 or TN-2, E-3, O-1, or future sponsorship for U.S. lawful permanent residence status.) This position is office-centric 5 days a week in one of our Truist hub locations. Essential Duties and Responsibilities Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time. 1. Provide strategic and tactical effective challenge for all risks present within the Business Unit (BU). Concur with key risk decisions and escalate unacceptable or key emerging risks to BU CRO and/or Business Unit Risk Committee. 2. Guide risk-taking behavior. Provide counsel and advice to BU and senior BU leaders. 3. Monitor risk exposures, concentrations and limits. Ensure risk levels stay within risk appetite. 4. Opine on new or revised risk program requirements to confirm they are consistent with the Bank’s risk appetite, regulator expectations and industry standard. 5. Identify areas of opportunity to improve risk visibility within BU; develop and implement plan to transform opportunity into new processes and activities. 6. Assist in the development and opine on Risk Appetite Framework metrics and Key Risk Indicators within the BU as well as those defined by the BU for implementation across Truist (where applicable). 7. Advocate the Bank’s risk culture, compliance with enterprise risk initiatives and promote sound risk management practices. 8. Provide connectivity between the output of risk programs as appropriate. Coordinate with stakeholders to resolve highly complex or challenging issues. 9. Advise on the effectiveness of BU risk and control environment. 10. Provide direction and guidance in the development of controls and governance mechanisms within the BU. 11. Execute, facilitate and monitor risk governance mechanisms, including but not limited to, Compliance Risk and Control Self-Assessment (C-RCSA), Risk and Control Self-Assessment (RCSA), key risk indicators, policies, risk committees and other elements of the Enterprise Risk Framework. 12. Monitor issues (all types) assigned to BU, as well as those that have downstream or upstream impact to the BU and ensure appropriate remediation. 13. In conjunction with Compliance Risk Management and Legal, monitor BU adherence to applicable policies, laws and regulations. 14. Communicate to BU senior leadership, regulators and Executive Committees key activities, trends, and events pertaining to risk, regulatory and audit reviews. Continue to promote various risk initiatives and their supporting metrics.

Requirements

Bachelor’s degree in Accounting, Business, Finance or related field, or equivalent education and related training.
8+ years of experience in a financial institution with emphasis on risk management, audit, operations, process engineering or line of business specialty and/or equivalent education, training and experience.
Experience in compliance and operational risk mitigation and remediation.
Strong communication, interpersonal, presentation and negotiation skills.
Proven leadership and management skills.
Strong analytical, problem solving and decision-making skills in complex environments and with senior leadership.
Strong time management and organizational skills adaptable to a dynamic and complex work environment; Capable of handling multiple projects concurrently.
Demonstrated proficiency in basic computer applications, such as Microsoft Office software products.
Ability to travel, occasionally overnight.

Nice To Haves

Identity & Access Management (IAM) Knowledge
Solid understanding of IAM principles, technologies, and controls (e.g., identity lifecycle management, privileged access management, authentication/authorization)
Ability to assess IAM-related risks in alignment with cybersecurity and information security frameworks
Risk Management & Governance
Proven ability to identify, assess, and articulate emerging risks and their root causes to senior leadership
Strong experience in designing and challenging risk remediation strategies, controls, and governance structures
Demonstrated capability in risk trend analysis and escalation of material risks
CRISP, CISA, CISSP, or CISM certifications
Strategic Thinking & Advisory Skills
Strong ability to provide strategic and tactical challenge to business units and influence decision-making
Experience advising senior leadership on risk appetite alignment, governance improvements, and control effectiveness
Skilled in identifying opportunities to enhance risk visibility and transparency
Data Analysis & Reporting
Proficiency in developing, monitoring, and interpreting KRIs and metrics
Strong analytical skills to evaluate risk data trends, control effectiveness, and performance indicators
Experience presenting complex risk insights in clear, actionable formats for executive audiences
Stakeholder Management & Collaboration
Exceptional ability to collaborate across functions (Risk, Compliance, Legal, Technology, Business Units)
Proven success in driving consensus and resolving complex risk issues among diverse stakeholders
Process Improvement & Controls Development
Experience designing and enhancing risk controls, policies, and governance mechanisms
Ability to improve risk processes and frameworks to increase efficiency and effectiveness
Technical & Tools Proficiency
Strong proficiency with IAM systems (e.g., Oracle Identify Manager, Sailpoint, CyberArk)
Experience with risk management systems and reporting tools (e.g., Archer, MetricStream, or similar GRC platforms)
Proficiency in data tools (e.g., Excel, Power BI, Tableau) for risk analytics and reporting

Responsibilities

Provide strategic/tactical challenge & review of risks within the Identity & Access Management (IAM) Business Unit (BU) portfolio.
Identify existing and emerging risks along with their root causes to senior leadership.
Review proposed remediation plans, controls, and key risk indicators (KRIs) which mitigate the overall risk within the BU’s risk tolerance/appetite.
Monitor the trends and effectiveness of KRIs and escalate as appropriate to senior leadership.
Advise on any new/revised risk policy requirements to ensure they are consistent with the Bank’s risk appetite, regulator expectations, and industry standards.
Identify areas of opportunity to improve risk visibility within the BU.
Provide direction and guidance in the development of controls and governance mechanisms within the BU.
Assist/opine in the development of the Risk Appetite Framework metrics and KRIs within the BU.
Advocate the Bank’s risk culture, compliance with enterprise risk initiatives and promote sound risk management practices.
Provide connectivity between the output of risk programs as appropriate by coordinating with stakeholders to resolve highly complex or challenging issues.
Execute, facilitate and monitor risk governance mechanisms, including but not limited to, Compliance Risk and Control Self-Assessment (C-RCSA), Risk and Control Self-Assessment (RCSA), key risk indicators, policies, risk committees and other elements of the Enterprise Risk Framework.
In conjunction with Compliance Risk Management and Legal, monitor BU adherence to applicable policies, laws and regulations.
Provide strategic and tactical effective challenge for all risks present within the Business Unit (BU).
Concur with key risk decisions and escalate unacceptable or key emerging risks to BU CRO and/or Business Unit Risk Committee.
Guide risk-taking behavior.
Provide counsel and advice to BU and senior BU leaders.
Monitor risk exposures, concentrations and limits.
Ensure risk levels stay within risk appetite.
Opine on new or revised risk program requirements to confirm they are consistent with the Bank’s risk appetite, regulator expectations and industry standard.
Develop and implement plan to transform opportunity into new processes and activities.
Assist in the development and opine on Risk Appetite Framework metrics and Key Risk Indicators within the BU as well as those defined by the BU for implementation across Truist (where applicable).
Advise on the effectiveness of BU risk and control environment.
Monitor issues (all types) assigned to BU, as well as those that have downstream or upstream impact to the BU and ensure appropriate remediation.
Communicate to BU senior leadership, regulators and Executive Committees key activities, trends, and events pertaining to risk, regulatory and audit reviews.
Continue to promote various risk initiatives and their supporting metrics.