Manager of Technology Risk

Ent Credit UnionColorado Springs, CO
106d$105,435 - $116,708
Match Resume

About The Position

The Manager of Information and Technology Risk supports the Director of Business and Technology Risk by leading a team in the development, implementation, and maintenance of an enterprise-wide Technology Risk Management program, aligning with the Information Security Policy (ISP) and organizational objectives. This role establishes robust frameworks and governance for the First Line of Defense, manages technology risk assessments, and performs Second Line of Defense controls testing, providing thought leadership and consultative advice to ensure effective integration of risk practices across all business units. Collaborating closely with IT, InfoSec, and business leaders, the manager enhances risk and control initiatives and fosters a risk-aware culture. Through these comprehensive efforts, the Mgr-Technology Risk not only enhances regulatory compliance and audit preparedness but also strengthens the credit union's defenses against technology-related risks.

Requirements

  • Bachelor's Degree in Risk, Information Technology, IT Security, Computer Science, Information/Network Security, or another related field.
  • 7+ years of experience related to IT Security, IT Risk, or Information Security performing compliance, testing, monitoring, or similar risk management activities.
  • 2+ years of team leadership or management experience.
  • 5+ years of financial industry experience.

Nice To Haves

  • Knowledge of multiple security specialties and technical platforms.
  • Understanding diverse security practices along with IT risk management concepts.
  • Knowledge of networking and telecommunications, securing technical platforms such as Windows, Cisco, VMWare, Public Cloud (Azure, AWS, etc.).
  • Knowledge of industry regulations and best practices such as PCI, GLBA, FFIEC, NIST, ISO 27000, HIPAA, OWASP, SSAE 18, SOC 2.

Responsibilities

  • Lead the inventory and understanding of existing key technology processes, risks, and internal controls within Ent's GRC platform (Archer).
  • Conduct and document process walkthroughs to define technology processes and identify key control activities.
  • Design and perform Second Line of Defense controls testing activities.
  • Act as a consultant to the business units for the implementation of technology changes.
  • Oversee the evaluation of risk implications for new technology implementations and changes.
  • Draft and present Risk and Control Matrices (RCMs) for key technology risks and mitigating controls.
  • Design and maintain comprehensive risk dashboards/reports for senior management and the Board of Directors.
  • Develop and refine technology risk mitigation strategies.
  • Assist business lines in drafting program documentation that reflects approved technology risks and controls.
  • Develop and implement training programs to enhance team capabilities in technology risk management.
  • Foster inter-departmental collaboration by participating in technology projects.
  • Support audit activities and examinations in collaboration with Internal Audit and regulatory bodies.

Benefits

  • Affordable health insurance, 24/7 doctor access, and a nationwide provider network.
  • 401(k) with 3% automatic contribution after three months, plus up to 6% matching.
  • 16 days of paid time off (PTO) plus 9 paid holidays in the first year.
  • Paid time off to give back to the community.
  • Up to $10,000 annually for higher education and assistance for certifications.
  • Significant savings on home, car, and personal loans.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Manager

Industry

Credit Intermediation and Related Activities

Education Level

Bachelor's degree

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service