GT Risk Control Specialist – Vulnerabilities Management SME, Technical Risk Officer (TRO) supporting of Data Management Technology (DMT)

Job Description:

This role influences across multiple levels of management and business partners to ensure deliverables, timelines and support are met. Strong business centric mindset with ability to utilize sound business judgment and tailor approach to drive optimal business outcomes. Data Management Technology (DMT) Business Controls support. Acts as an ambassador of the risk culture.

Serve as a Risk Vulnerabilities Subject Matter Expert (SME). Identify and pull vulnerabilities, keeping an eye on process improvements in the reporting space. Partner with DMT application teams to improve process understanding and drive adherence. Comfortable speaking in front of leadership; will need to provide updates at Key Risk Review (KRR).  All Global Information Security (GIS) issues from Continuous Monitoring (CM) – chase AITs that have items in CM, especially any P2s or P3s in 2nd consequence, assist them as they search for answers on how to remediate items, be part of GT Risk Vulnerabilities weekly call to answer any questions for application owners in DMT space. End of Life (EOL) items from Technology partner – help application owners to remediate missing committed remediation dates, remind teams of upcoming committed remediation dates, etc.  Adhoc chases like Python, new RMW needed.

Create RISE data inputs with SME in support of a SIAI, AIAI or RIAI. Coordinate Action Steps that would remediate the root cause/issue timely. Meet with SMEs on a regular basis to make sure they are tracking remediation closely. Participate in touchpoints with GT Risk Issues Management Team and Audit on progress of the SIAI, RIAI and AIAIs. Collaborate with Business Control function partners to identify opportunities to influence and improve policies, standards, and tools.  Lead operational alignment with enterprise requirements and drive routines.  Assist with pulling together materials for the Monthly Key Risk Review (KRR). Provide inputs/share updates on key efforts and initiatives related to policies, standards, and tools impacting application teams. Back-up Global Risk Global Records Management (GRM) point of contact for DMT.

Desired Skills & Abilities:

• Knowledge of Enterprise Risk and Issue Management standards.

• Provide advice and guidance to DMT Senior Leaders on responses, as needed.

• RISE (Risk Integration Support Environment) familiarity.

• Strong understanding of tracking and remediating Vulnerabilities; ability to analyze Non-Permitted Technology (NPT) data

• ORCIT (Operational Risk and Compliance Integrated Technology Platform) knowledge

• POP (Process Owner Portal) knowledge

• CM (Continuous Monitoring) familiarity

• Leverage and/or building on existing relationships with Global Information Security (GIS), Global Compliance and Operational Risk (GCOR) and other key members of Global Technology.

• Must stay inquisitive and probe for information and continue to ask questions to gain a better understanding of the tasks.

• Knowledge on Self-Identify Audit Issues (SIAIs),

• Audit-Identified Audit Issues (AIAI) and Risk Identified Audit Issues (RIAI). Be able to create Action Steps with Subject Matter Expert and help team(s) drive to completion.

• Ability to coordinate large meetings and push for results, follow-up with minutes for audit purposes, post on SharePoint for tracking.

• Track Policy and Standards, be able to provide the “so what” to impacted partners.

• Strong ability to analyze data, create Excel pivot tables that showcase trends in the data.

• Strong aptitude to create robust PowerPoint presentations.

Required Skills & Abilities:

• Risk and/or Business Controls experience

• Bachelor’s Degree or equivalent experience

• 5 years of relevant experience in a large, fast-paced, results-oriented company

• Strong communications skills

• Must stay on top of Application Inventory Management Policy and Information Security Policy

• Application Governance knowledge

• Critical thinking

• Excellent written and verbal communication skills

• Ability to provide guidance and consultation and effective feedback

• Executive presence and experience in effectively interacting with senior management

• Effective partnering skills to build consensus; proven ability to influence peers/stakeholders across multiple groups

Shift:

Hours Per Week: