Technology Risk & Control Job Description
Technology risk & control
provides governance and oversight for the Bank's security compliance programs (Gramm-Leach-Bliley Act, FFIEC IT Handbooks, etc.) and related processes necessary to meet the Bank's obligations.
Technology Risk & Control Duties & Responsibilities
To write an effective technology risk & control job description, begin by listing detailed duties, responsibilities and expectations. We have included technology risk & control job description templates that you can modify and use.
Sample responsibilities for this position include:
Articulate concepts & ideas into technical requirements
Streamlining continuous control monitoring and escalation processes for measuring the firm’s standard control operating environments
Build out of the foundational services and controls uplift to ensure monitoring and completeness of incoming data and inventories
Oversight on SDLC processes for requirements, domain modeling, data architecture design, prototyping, develop, and deploy
Working with client stakeholders to define and execute strategic initiatives
Ensure all applicable firm wide policies, standards and guidelines applicable regulatory obligations for the Bank are met for the CIB business for the countries supported
Establishing and Chair the TRC Compliance review committee
Collaborating with Director TRC CIO to establish and manage consistent TRC compliance
Establishing a TRC presence/partnership within VRM and Global IT Risk functions
Developing and maintain the Audit and Regulatory inventory of requirements for TRC
Technology Risk & Control Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Technology Risk & Control
List any licenses or certifications required by the position: CISSP, CISA, CISM, CRISC, CFE, CIA, CBCP, CA, CPA, PMP
Education for Technology Risk & Control
Typically a job would require a certain level of education.
Employers hiring for the technology risk & control job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and University Degree in Computer Science, Management, Engineering, Business, Information Technology, Technology, Finance, Accounting, Information Systems, Financial Services
Skills for Technology Risk & Control
Desired skills for technology risk & control include:
Basel and other regulations affecting Risk and Finance
Current regulatory impact and expectations on technology per Sarbanes Oxley
Frank-Dodd
Gramm-Leach Bliley Act
Reporting and analysis
Accounting and Reporting processes
Banking industry are
Digital signatures
Dutch
Encryption
Desired experience for technology risk & control includes:
Experience with technology infrastructure (e.g., network, operating system, ), security engineering, and/or development of applications with security requirements is a plus
7-10+ years experience in Information Technology, IT Risk, or IT Controls (CISA/CRISC/CISSP certification is an advantage)
Experience developing and implementing dashboard/data visualization and heat map presentation of metrics
Must be a detail oriented, quality-focused manager
Desktop skills - Microsoft Word, Excel and PowerPoint
Minimum 10 years experience as a business analyst, preferably within the financial services industry
Technology Risk & Control Examples
1
Technology Risk & Control Job Description
Job Description Example
Our growing company is looking to fill the role of technology risk & control. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for technology risk & control
- Coordinatong across Technology infrastructure and 3rd parties to ensure timely and complete assessments
- Developing and regularly produce TRC activities reports
- Managing TRC assessments including 3rd parties, drive work streams, report on progress, escalation of risks and issues when necessary
- Establishing and manage relationships with key stakeholders across COO infrastructure and 3rd parties
- Establishing and manage key processes and interfaces across COO infrastructure and 3rd parties
- Developing, monitoring and reviewing the KPI’s and KRI’s defined for TR compliance
- Overseeing the development of a current to future state model, with compelling drivers to produce results
- Developing and maintain linkage between internal and external TRC activities
- 15+ years financial services/banking industry experience in a Global role
- Very strong technology infrastructure background
Qualifications for technology risk & control
- Proficient in the MS Office Suite (Excel, Word, Powerpoint, Visio, Sharepoint)
- Participation in a number of data working groups, Information Architecture
- Strong analysis and project management skills managing multiple projects to deadlines & priorities
- Proficiency with presentation, analysis, communications tools and facilities
- Knowledge of COBIT, ISO and ITIL standard processes and controls and related regulatory requirements aligned to TRC
- Demonstrated IT risk management skills
2
Technology Risk & Control Job Description
Job Description Example
Our growing company is hiring for a technology risk & control. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for technology risk & control
- To be responsible for the identification and escalation of emerging and upstream operational risk through the execution of operational risk management framework tools, including risk event management, reporting, and action plan tracking
- To continuously improve management of the operational risk framework, identifying the need for adaptation of controls to meet changes in the risk profile and optimise the balance between controls and risks
- To be responsible for providing risk support in the management of incidents to minimise risk/loss and to identify, analyse and report control metrics on a timely basis
- Perform annual assessments
- Perform periodic control validation and audit reviews
- Mitigate operational risk to acceptable level and recommend follow-up action to facilitate risk acceptance
- To assist CB Operations in the decision making process and provide assurance that internal/external policies and regulation are fully complied to through the provision of timely, accurate and focused risk specific support, reporting and recommendation
- Act as liaison for CB Ops with Group Risk / Compliance / Legal / Audit
- To promote risk awareness and compliance with Group’s policies, standards and guidelines
- Prepare and manage the timely submission of risks reports
Qualifications for technology risk & control
- Minimum of 5 years experience demonstrating expertise in structured Project Management discipline and techniques is required
- Related professional qualifications a plus
- Define, manage and oversee new and existing risk acceptances
- Provide detailed risk assessment planning and risk analysis to support the overall assessment program, including
- OSupport of initial risk assessment
- ODrafting coordination across Information Security, Security Architecture and WM/ IM business lines, and through the approval process
3
Technology Risk & Control Job Description
Job Description Example
Our company is looking for a technology risk & control. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for technology risk & control
- Collaborate with various T&O technology teams in the maintenance of effective internal controls
- Liaise with the Group Audit, Group Legal and Compliance and T&O ORM teams on a regular basis
- Raise issues/concerns, and provide constructive advice to the management so that significant IT risk and control issues are escalated and resolved properly
- Participate and coordinate in internal/external audit activities
- Manage the department’s security related process improvements and quality programs by participating in research / advisory services, including capturing of organizational metrics and analysis
- Perform data analysis or procedure reviews to ensure compliance to the bank security standards
- Work with internal stakeholders and vendor to review and streamline the work processes of the bank and vendors
- Assume the role of BCP coordinator for the department and work with the relevant teams to conduct and document the annual drills
- Maybe involved in tracking of SLA delivery on vendor management
- Provide Privileged IDs support to the department including ad-hoc after office hours or weekend support if required
Qualifications for technology risk & control
- Controls Gaps identified through consultant assessments
- Remediation Self-identified Controls Gaps
- Audit engagements successfully completed
- Audit findings closed on time
- Cost Avoidance on audit finding recommendations through IT Risk consulting and negotiation
- Risk Partner relationship surveys (TRMIS, Audit, ORM)
4
Technology Risk & Control Job Description
Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of technology risk & control. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for technology risk & control
- Acting as the primary liaison to work with NYL Corporate (ECS, Corporate, Insurance and Agency, Investments, ) on IT Risk and Control initiatives
- Assist in aligning NYL Corporate to the IT Risk and Control capabilities and identify process improvement opportunities, where applicable
- Monitoring the implementation of controls for technology and business project plans
- Acting as the first escalation point for risks and issues interacting with the business
- Escalate issues to senior management and the Head of IT Risk and Control as appropriate
- Making moderate IT risk and business decisions
- This role directly interfaces with the Retail and Business Banking Technology (RBBT), the Corporate Centre Technology (CCT) Delivery Groups, - direct experience with RBBT or RBB is strongly desired
- Application development (design, coding, and testing)
- Technical reviews (ensure quality design and coding standards are followed)
- Technical leadership (help ensure our technologies and standards continue to evolve)
Qualifications for technology risk & control
- Client relationship surveys (CB&W management)
- Executive satisfaction and commendations
- Guide CB&W delivery leaders and teams in proactive risk management and issue resolution
- The ideal candidate has significant experience in managing, coaching and/or leading Risk Management as a practitioner
- Someone with a passion for this function, pragmatism about what great RM looks like, and a genuine commitment to helping people and organizations get better at what they do
- Hands-on experience and previous accountability for Risk Management & IT Controls outcomes
5
Technology Risk & Control Job Description
Job Description Example
Our company is hiring for a technology risk & control. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for technology risk & control
- Risk review of Firewall rule changes in GS IT Infrastructure
- Assess IT security control deviation
- Help develop, execute and enhance the firm?s global web-control risk management program
- Participate in and/or lead programs to improve or remediate the control environment across Asset & Wealth Management, with specific emphasis on Data Management and/or Identity and Access Management
- Play a leadership role in shaping and driving the Access Management agenda, which will encompass privileged access, roles-based entitlement strategy, security administration processes, and similar
- Participate and contribute/challenge the various meetings called by Proposing Units to discuss assessments and reviews
- Drive Risk Reviews in various locations and conclude it in a timely manner with outcomes clearly articulated with related risk based prioritization
- Collaborate to bring a landscape of significant processes and articulate issues and causes of such landscape
- Provide reporting and articulate outcomes of the tasks undertaken
- Work closely with Consumer Banking Operations In-Country Representative on project timeline and project status in accordance to Consumer Banking Operations’ business scorecard
Qualifications for technology risk & control
- Implements and maintains appropriate engagement models with other Lines of Defence functions external stakeholders
- Minimum a degree in Computer Science, Engineering, Information Technology or related discipline from a recognized institution
- At least 8 to 10 years of working experience in the IT industry
- Familiar with IT controls over different operating system and database platforms will be preferred
- Familiar with Applications Delivery Life Cycle, Project Management best practices and IT Controls
- Basic knowledge application user access and access matrices will be preferred