Manager, IT Operational Risk

Downtown, New York, NY

Job Function:


Our client; a Global Bank, is seeking a Manager, IT Operational Risk in their NYC office.


Major Responsibilities:

  • Maintains the U.S. IT Risk Management Framework and best practices within the Bank while acting as a center of excellence for IT Risk in the U.S.
  • Promote the IT risk agenda and activities in the region through U.S. Wide communications, IT risk awareness training, and partnering with the businesses on cultural change.
  • Improve and promote IT Risk Management practices in the U.S.
  • Collaborate with the lines of business by acting in a consultative capacity to advise on IT risks that influence their business and ability to meet established strategic objectives, while maintaining oversight and objective challenge.
  • Challenge the output of the first line in the IT Risk & Control Assessment (RCA) process for the U.S., covering Legal Entities, Processes and Business Lines.
  • Challenge investigation of IT Incidents to define root causes, and provide input into remediation actions.
  • Perform Deep Dives and scenario analysis to assess the effectiveness of controls surrounding key processes and to identify remediation for gaps to actively and demonstrably mitigate IT risks.
  • Monitors compliance with IT Risk Policies, Standards and Guidelines.
  • Prepares and/or coordinates monthly/quarterly IT Risk Meetings.
  • Design, Implement and Promote Risk Reduction Tools.
  • Support the U.S. Operational Risk Management team with Non-IT Risk deliverables.
  • Provides oversight on annual mandatory information security awareness seminars to alert employees to the information security and best practices.




Risk Management:

  • Has good knowledge of risk management practices required to create a culture of risk management compliance.
  • Identifies, assesses, and monitors IT related risks based on risk management policies and procedures. Reviews work of first line of defense for risk management purposes
  • Exhibits best practice risk management skills through effective internal risk controls, risk monitoring, risk assessment and improvement of risk management processes


Education/Work Experience/Designations:

  • Experience of investment banking and/or technology departments in a financial institution and exposure to multiple products.
  • Strong expertise in IT Risk Management (e.g. Cyber Security, Logical Access, SDLC, Data Leakage).
  • Industry certifications desirable (e.g. ISACA, CISSP, CISA).
  • Proficiency in VBA for Excel, Tableau, and Open Pages desired.
  • Expertise in Operational Risk Management.



  • Strong understanding of IT risk management frameworks in a global banking environment.
  • A sound knowledge of banking activities, including capital market products, risk management techniques and the current regulatory environment in the U.S. Financial Service Industry.
  • Able to convey complex concepts and ideas on issues requiring interpretation and opinion.
  • Good negotiation skills and ability to resolve conflict between teams or individuals so that functional / organizational objectives are achieved.
  • Excellent communication and presentation skills and an ability to work with all levels of the organization.
  • Independent in judgment and with a high standard of conduct and ethics. Able to challenge and be challenged whilst maintaining the highest levels of professionalism.
  • Excellent analytical skills; critical thinking and problem solving skills.
  • Good oral and written skills on a business level in English.
  • Substantive and diverse knowledge of securities-related legal, tax, regulatory compliance and/or accounting treatment
  • Good interpersonal skills

Contact Details:

Zachary Flood