Operational Risk Manager - Cybersecurity

About The Position

Requirements

• 4+ years risk management experience from working in financial services industry
• 4+ years demonstrated domain expertise and experience within the relevant product or services
• Experience in an organization that is under strong regulatory oversight and scrutiny
• Proven ability to develop and maintain high impact relationships with senior executives
• Expert knowledge of internal controls and risk assessment
• Deep understanding of banking products and operations; regulatory requirements; and key processes, controls, and exposure areas
• Decisiveness and sound judgment on a consistent basis
• Capacity to challenge status quo
• Influencing and conflict resolution skills
• Excellent business writing skills
• Proven leadership and management skills in a professional environment
• Proficient use of MS Word, MS Excel and PowerPoint and Visio

Nice To Haves

• Certified Internal Auditor
• Certified Regulatory Compliance Manager
• Certified Fraud Examiner
• Certified Public Accountant
• Certified Investments Derivative Auditor
• Project Management Professional
• Certified in Risk and Information System Controls
• Other relevant risk certifications

Responsibilities

• Provide independent oversight, review, and challenge of risk management activities within the first line of defense, including the effectiveness of the formal risk program activities.
• Conduct activities such as Risk and Control Self-Assessments, Issues Management, Material Risk Identification, Change Management, and new business initiative risk assessments.
• Advise first line risk partners on complex risk issues and challenges, while identifying and assessing aggregate enterprise-wide risks.
• Escalate emerging risk issues that require remediation and work directly with stakeholders while driving accountability.
• Maintain strong relationships with all three lines of defense, as well as the regulatory agencies.
• Understand the external environment, including emerging risks within the industry and the priorities of the regulatory agencies, and determine how these changes affect the risk profile of the enterprise.
• Participate in cybersecurity incident response activities to ensure risks are properly assessed in real time and mitigating actions are appropriate.
• Lead or participate in post-incident root cause analysis and opine on next steps.
• Lead targeted risk assessments on emerging issues to provide an independent opinion on the impact to the enterprise.
• Operate within existing governance structures with an eye towards making these processes more efficient and effective.
• Manage applicable policy and program governance, while performing assurance activities to assess corporate wide compliance.
• Operate within existing governance structures with an eye towards making these processes more efficient and effective.
• Manage applicable policy and program governance, while performing assurance activities to assess corporate wide compliance.
• Be actively engaged to support the business with providing domain-relevant advice, monitoring, and credible expert challenge to ensure the independent Non-Financial Risk Program is effectively implemented.

Benefits

• Medical coverage
• Dental coverage
• Vision coverage
• Retirement benefits
• Maternity leave
• Paternity leave
• Flexible work arrangements
• Education reimbursement
• Wellness programs