Manager, IT Operational Risk
LocationDowntown, New York, NY
Our client; a Global Bank, is seeking a Manager, IT Operational Risk in their NYC office.
- Maintains the U.S. IT Risk Management Framework and best practices within the Bank while acting as a center of excellence for IT Risk in the U.S.
- Promote the IT risk agenda and activities in the region through U.S. Wide communications, IT risk awareness training, and partnering with the businesses on cultural change.
- Improve and promote IT Risk Management practices in the U.S.
- Collaborate with the lines of business by acting in a consultative capacity to advise on IT risks that influence their business and ability to meet established strategic objectives, while maintaining oversight and objective challenge.
- Challenge the output of the first line in the IT Risk & Control Assessment (RCA) process for the U.S., covering Legal Entities, Processes and Business Lines.
- Challenge investigation of IT Incidents to define root causes, and provide input into remediation actions.
- Perform Deep Dives and scenario analysis to assess the effectiveness of controls surrounding key processes and to identify remediation for gaps to actively and demonstrably mitigate IT risks.
- Monitors compliance with IT Risk Policies, Standards and Guidelines.
- Prepares and/or coordinates monthly/quarterly IT Risk Meetings.
- Design, Implement and Promote Risk Reduction Tools.
- Support the U.S. Operational Risk Management team with Non-IT Risk deliverables.
- Provides oversight on annual mandatory information security awareness seminars to alert employees to the information security and best practices.
- Has good knowledge of risk management practices required to create a culture of risk management compliance.
- Identifies, assesses, and monitors IT related risks based on risk management policies and procedures. Reviews work of first line of defense for risk management purposes
- Exhibits best practice risk management skills through effective internal risk controls, risk monitoring, risk assessment and improvement of risk management processes
- Experience of investment banking and/or technology departments in a financial institution and exposure to multiple products.
- Strong expertise in IT Risk Management (e.g. Cyber Security, Logical Access, SDLC, Data Leakage).
- Industry certifications desirable (e.g. ISACA, CISSP, CISA).
- Proficiency in VBA for Excel, Tableau, and Open Pages desired.
- Expertise in Operational Risk Management.
- Strong understanding of IT risk management frameworks in a global banking environment.
- A sound knowledge of banking activities, including capital market products, risk management techniques and the current regulatory environment in the U.S. Financial Service Industry.
- Able to convey complex concepts and ideas on issues requiring interpretation and opinion.
- Good negotiation skills and ability to resolve conflict between teams or individuals so that functional / organizational objectives are achieved.
- Excellent communication and presentation skills and an ability to work with all levels of the organization.
- Independent in judgment and with a high standard of conduct and ethics. Able to challenge and be challenged whilst maintaining the highest levels of professionalism.
- Excellent analytical skills; critical thinking and problem solving skills.
- Good oral and written skills on a business level in English.
- Substantive and diverse knowledge of securities-related legal, tax, regulatory compliance and/or accounting treatment
- Good interpersonal skills