Technology Risk and Controls [Multiple Positions Available]

About The Position

Requirements

• Bachelor's degree in Electrical and Electronic Engineering, Computer Science and Information Security, or related field of study plus seven (7) years of experience in the job offered or as Technology Risk and Controls, Cybersecurity and Technology Controls, Senior consultant, or related occupation.
• Master's degree in Electrical and Electronic Engineering, Computer Science and Information Security, or related field of study plus five (5) years of experience in the job offered or as Technology Risk and Controls, Cybersecurity and Technology Controls, Senior consultant, or related occupation.
• Five (5) years of experience with identifying, assessing, and providing recommendations for mitigating risk in Information technology or information security settings.
• One (1) year of experience with end-to-end designing and administrating risk and control metrics across the technology risk metrics lifecycle.
• One (1) year of experience with developing and implementing Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs).
• One (1) year of experience with sourcing and integrating data from multiple systems.
• One (1) year of experience with calibrating metric thresholds based on risk appetite.
• One (1) year of experience with conducting ongoing performance monitoring.
• One (1) year of experience with executing breach escalation protocols.
• One (1) year of experience with preparing comprehensive reports for technology control forums.
• One (1) year of experience with reviewing the effectiveness and utilization of KPIs and KRIs across key technology domains, including Data Protection, Identity and Access Management, Technology Resiliency, Vulnerability Management, the SDLC Lifecycle, and Security Configuration.
• Any amount of experience supporting risk mitigation strategies through risk governance, control evaluation, monitoring, and reporting.
• Any amount of experience performing IT General Controls testing for Change Management, Logical Access, Management and Security, Incident Management, and Data Backup and Restoration.
• Any amount of experience assessing business processes to develop business impact analyses, risk assessments, and business continuity policies using risk management frameworks.

Responsibilities

• Oversee GT and operational metrics, impacting cyber and tech risk management for business lines, entities, and compliance with regulators.
• Develop a framework ensuring metrics are relevant, comprehensive, and aligned with industry standards and regulatory requirements across control domains.
• Act as the first line of defense by developing a strategic plan for GT Metrics, aligning with risk management and business objectives.
• Enforce partnerships with second and third defense lines to ensure the metrics program meets stringent risk reporting criteria.
• Lead advisory roles with metric owners, providing guidelines and tactical solutions to define metrics' scope and thresholds.
• Drive automation of the GT Metrics process, enhancing efficiency, accuracy, and responsiveness in risk management.
• Lead collaboration with IT, operations, compliance, and audit teams to ensure an integrated approach to risk management.

Benefits

• Comprehensive health care coverage
• On-site health and wellness centers
• Retirement savings plan
• Backup childcare
• Tuition reimbursement
• Mental health support
• Financial coaching