Manager, Risk Assessment Services, Cyber and Tech Business Unit and Division Risk Assessments - Enterprise Services Risk

About The Position

Requirements

• High School Diploma, GED or Equivalent Certification.
• At least 4 years of experience in Risk Management, Process Management, Project Management, or a combination of these.
• At least 4 years of experience in information security or technology risk management.
• At least 4 years of experience supporting, partnering, and interacting with internal business clients.
• At least 2 years of experience developing, evaluating, or implementing technology, information security controls or performing risk assessments.

Nice To Haves

• Bachelor's Degree or Military Experience.
• Risk Certifications (CRISC, CISM, CRCM, CIPP, ABA Risk Management Certification).
• At least 5 years of experience supporting, partnering and interacting with internal stakeholders.
• At least 7 years of experience in information security or technology risk management.
• At least 5 years of project management experience leading cross functional projects and programs.
• At least 4 years of experience with analysis of information security or technology threats and risks.
• At least 2 years of risk or information security experience in the financial services industry.

Responsibilities

• Spearhead and support delivery of Business Unit Risk and Control Self-Assessment and Division Risk Identification, including project and process management, reporting, and crafting materials for senior management.
• Move the needle on key tech and cyber risks by ensuring appropriate risk scope, grounding risk ratings, improving control ratings, and mitigation decisioning/plans.
• Participate in senior leadership meetings and other governance activities.
• Clearly and concisely communicate complex technical concepts, both verbally and in writing, to stakeholders with varying levels of expertise.
• Partner and coordinate work with ESR Tech and Cyber Risk Guides, Technology and Cyber teams, Lines of Business, and second line of defense risk management teams to ensure successful collaboration.
• Serve as a trusted advisor, guiding relevant and impactful Tech and Cyber risk discussions.
• Collaborate and provide guidance and direction for enterprise risk management activities.
• Analyze data to identify and report on risks, trends, and areas for process improvement to management.
• Stay informed about emerging cyber and tech threats and their potential impact on the company.
• Stay informed about the evolving regulatory environment and its effects on our work.
• Participate in risk and other management forums to contribute to the ongoing improvement of risk and project/program management practices.
• Collaborate and respond to inquiries from Internal Audit and Regulatory agencies regarding our work, as necessary.

Benefits

• Comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being.
• Performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI).