Vp It Risk Management

Scope includes:

• Build and maintain positive working relationships by effectively communicating and regularly sharing information, issues/points of interest, and knowledge with the team, internal and external business partners.
• Excellent time management skills and a proven ability to meet deadlines and lead multiple tasks.
• Develop, implement and mature a proactive control assessment program (i.e. control testing and monitoring) in line with organizational standards.
• High attention to detail in identifying, aggregating, and communicating issues and control gaps. Raise awareness and visibility of risk issues that require management focus.
• Work with technical teams to develop automated testing to proactively assess control effectiveness.
• Consolidate the results of these assessments and report results to the appropriate leaders and risk management committees.
• Proactively working across all 3 lines of defense to understand and leverage the full scope of current testing and assurance activities. Looking for opportunities for optimization to increase efficiency and effectiveness and reduce redundant coverage.
• Subject Matter Expertise across IT risk and control domains (i.e. Access Management, SDLC, Change and Release Management, Production/Operations Support, Data Management, etc.).

Position Responsibilities:

• Define and build a first line IT controls testing framework and program.
• Partner with MIS leaders and implement a technology strategy that will enhance overall business capabilities.
• Continuously transform the organization to building a proactive risk culture.
• Stay ahead of emerging trends and issues in information technology.

Delivery Planning and Execution

• Coordinates the implementation and execution of the Technology Control and Monitoring Testing program.
• Perform risk-based testing activities that independently evaluate the design and effectiveness of controls
• Leads IT risk assurance to include conducting meetings with control owners, conducting control tests, and analyzing and communicating results.
• Lead the development, management and maintenance of First Line testing/assurance/validation program for MIS Tech.
• Leads all aspects related to the 1st line testing program. Monitors and adjusts to ensure delivery and successfully fulfilling defined program objectives.
• Build and manage control evaluation coverage plans and metrics, including testing approach and scoping/sampling, and determining the testing procedures and scripts to be used.

Technology/Operational/ Risk Control

• Ensures processes and controls within assigned area to improve performance, security, reliability and availability of systems.
• Contributing to technology risk/control framework and assessment program to ensure alignment with industry risks, trends, new technologies and new/changes in regulatory requirements
• Ensures compliance and control activities support technology and enterprise business objectives and are aligned with defined risk tolerances and expectations.

Leadership

• Select, empower and retain high performing talent, in support of achieving, individual and team goals.
• Manage and contribute to cultivating a spirit of one team with shared goals and objectives.
• Promote and foster a cohesive team and positive work environment that encourages innovation, creativity and collaboration.

• Experience working with Enterprise Risk Management, Compliance and external and internal auditors.
• Bachelor’s Degree or High School diploma or GED and 8 plus years of experience
• Experience with various Systems and Platforms (including Distributed Systems, Database, Middleware, cloud products etc.)
• Experience in setting up audit at a platform level, interpret the results and reporting the same for senior management.
• Professional qualifications such as a CISA, CISSP, CISM, CRISC etc. a plus
• 3 years in the financial services industry, with at least 2 years in an operational risk management, internal audit, or compliance role with a focus on internal control monitoring and testing, control testing methodologies, and related regulatory and compliance standards
• 5 years of experience with the concepts and practices of IT risk management, IT process and related controls.
• Understanding of IT Control Frameworks such as COBIT, ITIL, NIST and COSO
• Consistent track record of building strong relationships across multiple business functions
• 3 - 5 years managing others