Technology Risk and Controls [Multiple Positions Available]

About The Position

Requirements

• Bachelor's degree in Electrical and Electronic Engineering, Computer Science and Information Security, or related field of study plus seven (7) years of experience in the job offered or as Technology Risk and Controls, Cybersecurity and Technology Controls, Senior consultant, or related occupation.
• OR Master's degree in Electrical and Electronic Engineering, Computer Science and Information Security, or related field of study plus five (5) years of experience in the job offered or as Technology Risk and Controls, Cybersecurity and Technology Controls, Senior consultant, or related occupation.
• Five (5) years of experience identifying, assessing, and providing recommendations for mitigating risk in Information technology or information security settings.
• One (1) year of experience end-to-end designing and administrating risk and control metrics across the technology risk metrics lifecycle.
• One (1) year of experience developing and implementing Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs).
• One (1) year of experience sourcing and integrating data from multiple systems.
• One (1) year of experience calibrating metric thresholds based on risk appetite.
• One (1) year of experience conducting ongoing performance monitoring.
• One (1) year of experience executing breach escalation protocols.
• One (1) year of experience preparing comprehensive reports for technology control forums.
• One (1) year of experience reviewing the effectiveness and utilization of KPIs and KRIs across key technology domains including Data Protection, Identity and Access Management, Technology Resiliency, Vulnerability Management, the SDLC Lifecycle, and Security Configuration.
• Any amount of experience supporting risk mitigation strategies through risk governance, control evaluation, monitoring, and reporting.
• Any amount of experience performing IT General Controls testing for Change Management, Logical Access, Management and Security, Incident Management, and Data Backup and Restoration.
• Any amount of experience assessing business processes to develop business impact analyses, risk assessments, and business continuity policies using risk management frameworks.

Responsibilities

• Oversee GT and operational metrics impacting cyber and tech risk management for business lines and entities.
• Develop a framework ensuring metrics are relevant, comprehensive, and aligned with industry standards and regulatory requirements.
• Act as the first line of defense by developing a strategic plan for GT Metrics.
• Enforce partnerships with second and third defense lines to ensure the metrics program meets stringent risk reporting criteria.
• Lead advisory roles with metric owners, providing guidelines and tactical solutions.
• Drive automation of the GT Metrics process.
• Lead collaboration with IT, operations, compliance, and audit teams to ensure an integrated approach to risk management.

Benefits

• Competitive total rewards package
• Base salary determined based on the role, experience, skill set, and location
• Discretionary incentive compensation
• Comprehensive health care coverage
• On-site health and wellness centers
• Retirement savings plan
• Backup childcare
• Tuition reimbursement
• Mental health support
• Financial coaching