Vice President - Technology Risk & Controls

As a Vice President - Technology Risk & Controls within the Cybersecurity Technology Controls Organization, you'll partner with one or more disciplines, lines of business, regions or locations to respond to evolving business requirements, regulatory requirements, and industry best practices. You'll be helping set and measure the Firm’s standards and controls on technology governance, risk and compliance, and/or technology strategy, investment, and portfolio and program management.  

Responsibilities include preparing monthly governance committee reporting materials on the state of the control environment; investigating and responding to metrics, triggers and alerts which may indicate a potential control issue; reviewing standards and controls against regulatory requirements and industry practices; and partnering with stakeholders from across the bank to assist them in their execution of various technology risk management processes.
 

 Job responsibilities:

• Preparing monthly governance committee reporting materials on the state of the control environment
• Investigating and responding to metrics, triggers and alerts which may indicate a potential control issue
• Reviewing standards and controls against regulatory requirements and industry practices
• Partnering with stakeholders from across the bank to assist them in their execution of various technology risk management processes. 
   

Required qualifications, capabilities, and skills:

• Formal training or certification in engineering concepts and 5 years applied experience
• Knowledge of governance, risk and controls with respect to technology governance, risk and compliance and/or technology strategy, technology investment, and portfolio and program management
• Experience in applying data analytics tools and techniques (AI/ML, Alteryx, Tableau) on large data sets to identify potential risks / issues
• Experience with the end-to-end risk management lifecycle
• Experience in using common technology controls industry best practice and regulatory frameworks (e.g., NIST, ISO, COBIT, FFIEC handbooks, etc.)
• Strong written and spoken communication skills, ideally with experience in preparing committee level reporting as well as responses to requests for information from 2LOD, Audit, external auditors, and regulators
• Ability to collaborate with high-performing teams and individuals throughout the firm to influence outcomes and accomplish common goals
• Proficiency in MS Office
   

Preferred qualifications, capabilities, and skills:

• CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred