Technology Risk Manager Resume Samples

4.5 (85 votes) for Technology Risk Manager Resume Samples

The Guide To Resume Tailoring

Guide the recruiter to the conclusion that you are the best candidate for the technology risk manager job. It’s actually very simple. Tailor your resume by picking relevant responsibilities from the examples below and then add your accomplishments. This way, you can position yourself in the best way to get hired.

Craft your perfect resume by picking job responsibilities written by professional recruiters

Pick from the thousands of curated job responsibilities used by the leading companies

Tailor your resume & cover letter with wording that best fits for each job you apply

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Resume Builder
CHOOSE THE BEST TEMPLATE - Choose from 15 Leading Templates. No need to think about design details.
USE PRE-WRITTEN BULLET POINTS - Select from thousands of pre-written bullet points.
SAVE YOUR DOCUMENTS IN PDF FILES - Instantly download in PDF format or share a custom link.

Resume Builder

Create a Resume in Minutes with Professional Resume Templates

Create a Resume in Minutes
MW
M Walker
Mariano
Walker
85221 Fay Passage
Chicago
IL
+1 (555) 103 9072
85221 Fay Passage
Chicago
IL
Phone
p +1 (555) 103 9072
Experience Experience
Chicago, IL
Technology Risk Manager
Chicago, IL
Daugherty-Armstrong
Chicago, IL
Technology Risk Manager
  • Provide ad hoc support or assistance to other roles across the Enterprise Risk Management team as deemed necessary by managers
  • Work with wider Technology Risk Leadership team to create and provide training to embed the Risk universe, KRI’s and Risk Appetite
  • Support effective CSA remediation action management with Technology management to ensure there is a continuous challenge to improve the control environment
  • Support the maintenance and development of the ORIA Framework in line with the Technology Risk and Control Framework
  • Train the project managers, service managers and PMOs for effective risk management via ORIA process
  • Good technical competencies and exposure to IT application or infrastructure development, support and management
  • Contributing to the continuous improvement of risk management practices and awareness
Houston, TX
Business Technology Risk Manager
Houston, TX
Gibson, Lebsack and Blick
Houston, TX
Business Technology Risk Manager
  • Prepare risk based reporting & presentation for finding to technology and business leaders
  • Manage and maintain risks profiles, risk and controls assessments, controls design and assurance testing programs focussed on infrastructure technologies and applications managed by the ITS team
  • Work collaboratively within TRMIS, ITS and with other key stakeholders including technology lead on activities targeting the management of business risks associated with technology
  • Continually demonstrate initiative and leadership as the TRMIS representative for ITS promoting TDBG technology policies and the Enterprise Technology Risk & Control Framework on all risk and controls related issues, on all programs
  • Provide a point of coordination for various security related activities within the TRMIS group; serve as key liaison and contact for stakeholder groups including ITS, audit and BTRM groups supporting the various lines of business in TDBG
  • Expert knowledge in information security, risk management, information technologies, IT operations, control testing and/or compliance (including but not limited to SOX, PCI and US financial institution regulations)
  • CISSP, CISM and/or other professional security accreditation an asset
present
Houston, TX
Senior Technology Risk Manager
Houston, TX
Nicolas Group
present
Houston, TX
Senior Technology Risk Manager
present
  • Frequent engagements with global IT Risk peers and work in special interest working groups such as Internet Facing Applications Working Group
  • Assisting in the enhancement and implementation of the Technology Risk, out-sourcing / Vendor Risk management framework
  • Work with the Risk & Control teams to analyse latest program and project scorecards, preparing execute summary reports for IT & Control management
  • Develop procedures and guidelines to facilitate improved risk management techniques
  • Conducting business unit analysis and providing Risk Management support and advice to Line 1
  • Contribute to the continuous improvement of risk management practices and awareness within the Technology Account Teams
  • Motivate and inspire - establish direction and develop vision
Education Education
Bachelor’s Degree in Technology
Bachelor’s Degree in Technology
Georgia State University
Bachelor’s Degree in Technology
Skills Skills
  • Strong demonstrated knowledge of IT risk management gained as a practitioner
  • Strong decision making capability
  • Demonstrated capability of designing and implementing cross-functional programs; strong project management skills
  • Comfortable with public speaking across various forums and be able to effectively and logically communicate when ideas are being challenged in an open forum
  • Strong attention to detail
  • Good understanding and working knowledge of information technology and information security governance frameworks, standards and regulation
  • Good knowledge and experience in both information technology / security risk management and controls assurance
  • Comfortable working alone as well as in a team – able to work in a Global Team environment
  • Comfortable working alone as well as in team – able to work in a Global Team environment
  • Highly organized
Create a Resume in Minutes

15 Technology Risk Manager resume templates

1

Technology Risk Manager Resume Examples & Samples

  • Execute key technology risk mitigation projects, including coordination with applicable business, technology and risk & control teams
  • Support the TRM lead in key risk and control activities, such as identifying, understanding and managing technology control risk through control education, review of metrics, and facilitation of risk and control self-assessments
  • Document potential control gaps and questions, and conduct follow-up throughout the year
  • Work closely with technology control owners to update the technology sections of the annual service auditor reports
  • Experience with SAS 70 / SSAE 16 reporting requirements and SOX 404 a must
  • Strong interpersonal skills and ability to communicate effectively
  • Strong skills in Microsoft Excel, Powerpoint, and Word
2

Technology Risk Manager Resume Examples & Samples

  • Note - We are obliged to perform an annual assessment of compliance with the requirements contained in the Codes of Conduct of various Banking Industry Schemes. This assessment is referred to as an Industry Attestation. The services covered by this requirement are
  • LINK*
  • MPS*
  • IBDE*
  • BacsTEL-IP (also known as Bacs Trust Service)*
  • Bacs*
  • CHAPS*
  • Faster Payments*
  • Paypal
  • VISA*
  • Account Switching*
  • Target 2
  • Review the Code of Conduct to identify any changes to the attestation controls or timescales
  • Engage with the Attestation Owner to identify relevant personnel and key stakeholders
  • Work with the Service Compliance Manager to identify any incidents, new risks or audit observations which may impact the attestation
  • Engage with Service Management and Control Owners to identify any infrastructure or application changes, made within the previous year, which may impact the attestation compliance position
  • Document the scope of the attestation
  • Manage the collation of evidence, provided by Control Owners, to support each requirement contained in the Code of Conduct
  • Review and Quality Assure (QA) the evidence provided by Control Owners, to support each requirement, assessing the accuracy and appropriateness to the control
  • Undertake sample testing focussing on requirements that have changed since the previous assessment, controls that were deemed to be non-compliant in previous years or components that have been subject to Major Incidents that have generated a Risk Event
  • Provide BIA with a completed evidence index
  • Work with BIA during their audit to ensure queries are followed up in a timely manner and adhere to the agreed scope of the attestation
  • Work with Control Owners to remediate any non compliant requirements identified
  • Complete the Code of Conduct Questionnaire for submission to the Industry Body
  • Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Barclays Operational Risk Framework and internal Barclays Policies and Standards
  • Project and organisation management skills to enable delivery of mini-projects, involving several stakeholders, to fixed dates, to a good quality
  • Comprehensive understanding of risks and controls within the Technology environment
  • Ability to challenge senior control owners in the provision of control information and evidence
  • Ability to assess, quantify and effectively communicate risks and issues relating to technology controls
  • Relationship building/maintenance across Technology Management, (such as control owners, Attestation Owners) and BIA
  • Able to demonstrate innovative thinking around areas such as driving improvements and efficiencies in processes, identifying synergies and overlaps in controls and improved ways of working, to make key stakeholders lives much easier and the overall processes more effective
  • Ability to adapt to new and emerging situations, such as new attestations
  • Financial Institutions Technology controls experience including exposure to one or more of the following
  • Technology platforms such as Mainframe, Tandem, Unix, Windows
  • Infrastructure areas such as Middleware, Storage, Data Centres
  • Application processes and controls
  • Service risk management
  • Cryptography & Key Management
  • ITIL controls such as incident & problem management
  • Experience of testing methodologies/approaches
  • Audit / SOX testing
  • Hands on experience of MS Office tools such as Excel and Sharepoint
  • Strong analytical skills and a questioning mind. Analysis of the control submissions to identify anomalies and inconsistencies within detailed technical responses. The results of this will result in issues and non-compliances that could require negotiation with the Industry Bodies, BIA, Senior Management and Control Owners to ensure that control wordings are changed and appropriate remediating action taken
  • Proactive self-starter and self-motivator
  • Comfortable working alone as well as in a team – able to work in a Global Team environment
  • Relationship management/negotiation – good influencing skills required to ensure that appropriate action is taken to meet the Code of Conduct requirements
  • Confident communicator
  • Able to liaise with technical control owners, Senior Management, BIA and Industry Bodies. This will require negotiating to ensure control wording updates are provided in a timely manner, evidence of compliance is provided and that appropriate remediation action is taken to resolve any issues identified
  • Presentation skills required to communicate to Senior Stakeholders and control owners to explain the importance of the attestations and their role in ensuring a satisfactory outcome. This is likely to require a degree of negotiation in ensuring that business requirements are met in addition to the Industry Body Code of Conduct requirements
3

Technology Risk Manager Resume Examples & Samples

  • Operational Risk Impact Assessment (ORIA) is the process for assessing the risk of technology projects going to the production (live) environment
  • The ORIA team governs the self-assessment process via effective training and awareness, operational reporting and stakeholder management
  • The ORIA team members also proactively engage with high risk and high profile projects across the group and provide consultancy and facilitation
  • ORIA team measure and monitors key risk indicators related to the process and takes corrective actions based on risk trending
  • Manage the ORIA process definition as part of the SDLC control and take proactive step to ensure that the process remains adaptive to the change control environment and O&T priorities
  • Provide support to Technology staff in the creation of Operational Risk Impact Assessments, ensuring that the self-assessment process is accurate and an efficient capture/reporting of a projects risk status
  • Support the SDLC compliance programme across the global bank as one of the mandatory SDLC controls
  • Maintain the ORIA process automation with risk management tool and ensure that tool is customised from time to time in response to the change in the process
  • Train the project managers, service managers and PMOs for effective risk management via ORIA process
  • Support the maintenance and development of the ORIA Framework in line with the Technology Risk and Control Framework
  • Provide stakeholder management with the customers of ORIA across technology ensuring that the customers view is at the centre of the operation of the process
  • Provide Risk Management expertise to the Change community encouraging a pro-active approach
  • Support the BAU risk management process for technology services
  • Support the proactive identification of Sarbanes-Oxley impacting projects, handing them through to Sox Assurance for further treatment
  • Actively work in partnership with Security Risk colleagues on high risk projects
  • : Produce and communicate ORIA MI (KRIs) to provide stakeholders with a view of projects impacts on the live environment, gaps and action plan progress
  • Aa extensive understanding of risks and controls within the Technology environment
  • Extensive Communication skills: Ability to assess, quantify and effectively communicate risks. The ability to negotiate through challenging situations and manage conflict
  • A Thorough understanding of Software Development Life Cycle (SDLC)
  • Good Presentation and Training skills: Running Training sessions both face to face and during webinars to create risk management awareness among non-risk professionals
  • A comprehensive background in Risk Identification: Identification and remediation of security controls in the technology environment
  • Robust and experienced Risk Assessment and Analytical skills: Risk assessment and implementation of remediation in both the application and infrastructure disciplines. The ability to present complex information in simple and understandable formats for peers and senior management
  • Experience of the management and delivery of technology change projects
  • Prior experience of relationship building/maintenance across Technology Management and teams
  • Innovation and creative thinking: the ability to think of solutiuons that help ORIA stakeholders to use the process easily and without duplication
  • IT process improvement
  • Financial Institutions Technology experience including
  • Exposure to service risk management
  • IT Change Management experience beneficial
  • Customisation and implementation of risk management tools
  • Hands on experience of Excel and macro programming
  • Self starter and self motivator
  • Comfortable working alone as well as in team – able to work in a Global Team environment
  • Relationship management/negotiation – good influencing skills
  • Confident
  • Display empathy for Technology change and run team’s core delivery focus to the business
4

Business Technology Risk Manager Resume Examples & Samples

  • Proven understanding of technology risk management & information security frameworks and methodologies
  • Proven experience in risk based analysis & information security technologies
  • Strong ability to lead independent technology risk assessments based on a control based methodologies
  • Prepare risk based reporting & presentation for finding to technology and business leaders
  • 5 + years of experience in (IT) Risk Assessment, IT Audit, Development & management of information security policy and standards, Disaster Recovery and Business Continuity planning, Threat & Vulnerability Assessment and Testing Methods
  • Experience with financial banking, credit card processing, acquiring, issuing and merchant services
  • In-depth experience with financial regulatory & compliance reporting environments
  • Experience working with the Payment Card Industry Data Security Standard
  • Effective project management skills and the ability to coordinate multiple projects simultaneously
  • Experience with project management tools & methodologies
  • Strong Presentation, Communications and Writing Skills
  • Strong Analytical & Analysis Skills
  • Experience with the following technology components
5

Business Technology Risk Manager Resume Examples & Samples

  • Manage and maintain risks profiles, risk and controls assessments, controls design and assurance testing programs focussed on infrastructure technologies and applications managed by the ITS team
  • Work collaboratively within TRMIS, ITS and with other key stakeholders including technology lead on activities targeting the management of business risks associated with technology
  • Continually demonstrate initiative and leadership as the TRMIS representative for ITS promoting TDBG technology policies and the Enterprise Technology Risk & Control Framework on all risk and controls related issues, on all programs
  • Provide a point of coordination for various security related activities within the TRMIS group; serve as key liaison and contact for stakeholder groups including ITS, audit and BTRM groups supporting the various lines of business in TDBG
6

Business Technology Risk Manager Resume Examples & Samples

  • Manage and maintain risks profiles, risk and controls assessments, controls design and assurance testing programs focused on applications managed by the DCTS team
  • Work collaboratively within TRMIS and with other Business and Technology key stakeholders
  • Continually demonstrate initiative and leadership as the TRMIS representative for Digital Channel promoting TDBG policies and the Enterprise Technology Risk & Control
  • Act as a point of coordination for various security related activities within the Digital Channel; serve as key liaison and contact for other risk partners, including Privacy, Compliance, Operational Risk and Audit
7

Business Technology Risk Manager Resume Examples & Samples

  • Possess excellent communication skills (written & verbal), with proven ability to effectively interact with individuals across technology, business units and vendors at various levels
  • Develop strong partnership with TRMIS and Segment project leads
  • Utilize both risk and segment related experience to align risk mitigation initiatives in order to build solutions that consistently improve the risk posture
  • Act as a project lead for the Segment level project stream, provide updates, project issue management, escalation
  • Act as a decision maker representing TRMIS within TD Securities and TBSM project streams
  • Provide a Single Security and IT Risk representative for all issues, events and programs
  • Assist the business in resolving technology based audit findings as well as consult with IT Teams to identify mitigation strategies to internal audit findings
  • Create and deliver on a strategic plan and align it to partners' plan, budget and resources
  • Create and deliver on an education strategy tailored to specific audiences within the business and technology groups to ensure alignment with the overall Technology Risk strategy and compliance to regulatory and/or established Bank system security standards
  • Participate in initiatives to improve processes, communication and tools within BTRM and TRM&IS
  • Act as a point of escalation for a variety of issues and portfolio-related topics
  • Support a work environment that promotes team work, quality and innovation
8

Technology Risk Manager Resume Examples & Samples

  • Providing support for educating, advising and ensuring adherence to Macquarie's risk and regulatory requirements
  • Collating, analysing and reporting key risk indicators in the managed services area
  • Proactively aid in the identification and assessment of IT risks and provide advice on appropriate risk mitigation strategies to reduce risk and improve controls
  • Building relationships with key stakeholders
  • Coordinating IT responses to internal and external audits and assist team efforts to strengthen internal controls of IT
  • Promoting and highlighting sound risk management behaviours to all staff
  • Contributing to the continuous improvement of risk management practices and awareness
  • Proven leadership capability in large scale corporate environments
  • Current knowledge of best practice in IT Controls, Risk Management Techniques and GRC Tools
  • Excellent understanding of Risk Management frameworks and relevant certifications (CISA/CRISC)
  • Strong stakeholder management and business engagement positions
9

Technology Risk Manager Lead Resume Examples & Samples

  • Developing and sustainably managing the Enterprise Third Party Management program components including the governance process and framework;-Definition, development and deployment of the ETPM Program while ensuring policies, procedures and objectives are aligned with the Operating Risk Management Policy
  • Partnering with regulatory bodies, risk stewards, executive management and the lines of business to ensure implementation of PNC's third party management policy and program requirements;- Ensuring effective third party management policy, procedures and risk controls within both the line of business and enterprise and reporting to management
  • Ensuring Enterprise Third Party Management program maturation and strategic direction
  • Continually demonstrating and measuring the effectiveness of the ETPM Program is managing and mitigating risks presented by Third Parties engaged on behalf of the enterprise
  • Establishing and sustainably managing the Enterprise Third Party Management program components including governance process and framework
  • Ensures that all third parties are being managed efficiently and consistently to mitigate and reduce third party risk
  • Facilities interaction with businesses to incorporate input and ensure alignment with business objectives
  • Ensure governance over ETPM Program quality, consistency and compliance to align with regulatory expectations as they relate to third party management
  • Ensure program design and implementation is strategically aligned to address third party risks most critical to PNC businesses
  • Drive risk based prioritization of third party management program component development and implementation
  • Ensure appropriate training, communication and procedural support relating to third party management program components
  • Establishing the third party management risk framework and methodologies
  • Definition, development and deployment of the ETPM Program while ensuring policies, procedures and objectives are aligned with the Operating Risk Management Policy
  • Support consistent third party risk analysis and reporting processes across PNC businesses and functions.-Ensure tools and processes are understood, used and effective in supporting business and enterprise level risk reporting
  • Facilitate the aggregation and analysis of third party risks, data and conclusions across PNC businesses to derive the enterprise wide third party risk assessment
  • Produce timely, accurate and complete enterprise third party risk assessments and reporting
  • Present enterprise third party risk assessments and reporting to corporate risk management committees
  • Partner with regulatory bodies, risk stewards, executive management and business units to ensure implementation of PNC’s third party management policy and program requirements
  • Ensure Program stakeholders understand their respective roles in accordance with applicable policies, procedures and objectives
  • Collaborating with all lines of business management to effectively and efficiently manage and monitor third parties across the enterprise
  • Partner with LOB’s to ensure appropriate creation and implementation of LOB third party management offices
  • Interface with regulatory agencies for examinations and to demonstrate program components
  • Consult in defining the most effective approach to executing the program components
  • Assist in identifying the appropriate participants/team members
  • Consult in the prioritization of third party management risk remediation
  • Effectively demonstrate third party management risk program, processes and results
  • Ensuring effective third party management policy, procedures and risk controls within both the line of business and enterprise and reporting to management
  • Ensure risk and control assessment methodologies are conceptually aligned and consistent
  • Drive a uniform risk reporting methodology across all third party management risk categories
  • Ensure consistent methodologies for KRI's and other risk monitoring activities
  • Ensure proper escalation of noncompliance to appropriate PNC risk committees
  • Ensure Program policies, procedures and controls are updated when necessary
  • Ensuring Enterprise Third Party Management program maturation and strategic direction Ensure proper assignment of authority and responsibilities to staff in order to effectively execute the Third Party Management Program
  • Adjust resource requirements as necessary to ensure proper management and execution of the TPM Program
  • Ensure timely issue resolution and continuous improvement
  • Ensure ETPM Program is continuously realigned to meet regulatory requirements as related to third party management
  • The successful candidate will have the following qualifications
  • A Bachelor's degree is required
  • 7-10 years of experience leading a team focused on third party risk management or other elements of risk management
  • Additional years of experience would be acceptable in lieu of education
  • Knowledge of financial services and best practices in third party risk management
  • Knowledge of compliance functions
  • Demonstrated executive maturity and presence with strategic agility
  • Knowledge of existing regulatory guidelines from OCC, FRB, FFIED, CFPB, etc
  • Six Sigma certification is preferred
10

Senior Technology Risk Manager Resume Examples & Samples

  • Senior Technology Risk Officer role is part of the Functional Risk Management team within IT Risk APAC
  • Primary responsibility of risk partnership with functional IT involves risk advisory consultation, execution of risk assessments of IT assets (applications, infrastructure)
  • Direct support and collaboration with IT to consult on technology risk matters or regulatory compliance requirements impacting projects and monitoring of key risk indicators impacting IT
  • Present and clearly articulate pertinent risk matters to senior IT stakeholders and business representatives
  • Prioritize and manage IT Risk book of work, projects and risk items
  • Works with a team of established APAC IT Risk Officers located across Singapore, Hong Kong, Tokyo, Sydney and Pune
  • Frequent engagements with global IT Risk peers and work in special interest working groups such as Internet Facing Applications Working Group
11

Technology Risk Manager Digital Resume Examples & Samples

  • Minimum of a bachelor degree
  • Minimum five years in a control function (Audit, Controls, Operational Risk Management, Information Risk Management)
  • Experience with Digital Banking a plus (online, mobile, emerging payments)
  • Ability to work effectively with both business and technically oriented individuals
  • Ability to work independently while managing multiple deadlines and priorities
  • Familiarity with process engineering and root cause analysis
  • Certified Information Systems Auditor, CISSP or other technology risk credential a plus
12

Technology Risk Manager Resume Examples & Samples

  • The candidate will be expected to identify and measure both inherent and residual risk to technology service delivery capability
  • The candidate will be expected to evaluate the extent to which technology managers can demonstrate they are in compliance with internal and external technology control standards, as well as regulatory and audit requirements
  • The candidate will be expected to advise on continuous monitoring and control test methods, and recommend technology metrics in support of decisions concerning technology control objectives
  • Experience with automated monitoring tools and incident tracking tools to effectively communicate and manage incidents, defects and data quality issues
  • Comfortable with public speaking across various forums and be able to effectively and logically communicate when ideas are being challenged in an open forum
13

Technology Risk Manager Resume Examples & Samples

  • Design and implement a risk management framework as per Industry best practice, including managing the development of the IT risk reporting and metrics technology architecture
  • Manage and Synthesize data from risk events, KRIs, audits and regulatory reviews and conceptualize and communicate key themes, trends and emerging issues to Senior Management
  • Analyze and categorize IT risks identified across all sources / processes
  • Review and report risks/ communication with internal business / functional areas
  • Provide input into Operational Risk processes and Regulatory Compliance processes
  • Provide back up and support for Senior Management where required
  • Desired Candidate Profile
  • IT Risk Management / Operational Risk management experience
  • Proven ability synthesizing and conceptualizing data, and identifying the root causes of compliance and control issues, and adverse events
  • Proven ability to proactively recognize emerging issues and influence risk managers to recognize the risk
  • Strong understanding of technology and development life cycle processes (SDLC, technology operations, business continuity, etc)
  • Working knowledge of COBIT and ISO27001
  • Ability to analyze complex data from various sources, identify risks and provide solutions
  • Advanced knowledge and experience with data analytics and reporting tools, including SAS and Cognos
  • Strong written and oral communication and negotiation skills
  • Ability to execute work projects both locally and remotely
  • Experience managing across teams locally and globally
14

Business Technology Risk Manager Resume Examples & Samples

  • Protecting the organization from business risks associated with technology, interfacing with Business and technology leads
  • Continually demonstrate initiative and leadership as the Information Security and IT Risk representative for Corporate Segment, for all relative issues, events, and programs
  • Providing a Point of coordination for various security related activities within the central Technology Risk Mgmt and Information Security team
  • Ensuring escalation and notification for security and IT Risk related issues
  • Participation in a “State of Health” program for the business, including reporting, planning and prioritization of key risks
  • Participation as required in support of all strategic objectives established by the CIO and his team. #LI-JJ1
15

Technology Risk Manager Resume Examples & Samples

  • Provide support for educating, advising and ensuring adherence to Macquarie's risk and regulatory requirements
  • Collate, analyse and report key risk indicators in Commodities & Financial Markets for the Technology leadership
  • Champion risk, compliance and security initiatives, and assist in the rollout of Macquarie policies
  • Promote and highlight sound risk management behaviours to all staff levels
16

Senior Technology Risk Manager Resume Examples & Samples

  • Champion risk, compliance and security frameworks and proactively conduct assessment and identification of IT risks
  • Facilitate the rollout of Macquarie Policies and implementation of mechanisms to support these
  • Contribute to the continuous improvement of risk management practices and awareness within the Technology Account Teams
  • Undertake IT operational risk self assessments
17

Business Technology Risk Manager Resume Examples & Samples

  • Deliver risk assessments, controls design, control assurance and testing, program support and expert knowledge advisory services accordance with BTRM ITS specific service delivery processes
  • Contribute collaboratively in ongoing improvement of the enterprise BTRM practice including process improvement in TRMIS and ITS groups and to enhancements to security standards, control solutions and implementation and related monitoring and verification practices
  • Participate as required on all strategic objectives established IT executive leadership
  • Identify and prioritize key controls deficiencies at formative stages of technology development programs and as part of controls assurance and verification testing in the IT environment
  • Ensure ITS management understand the business implications of technology risks and the commensurate security and IT risk strategies associated with these risks; escalating urgent issues in a time appropriate manner
  • Interpret and advise with expert knowledge on risks, business impacts and matters of security (including vulnerabilities and threat management), compliance/regulatory standards, audit programs and audit findings
  • Support ITS deliver teams with technology-specific security advisory for security events and as part of post security incident remediation activity; advise senior leadership and BTRMs supporting lines of business of potential impacts related to current security events
  • Manage delivery of BTRM-ITS services and participate in ITS sponsored cross- development and new technology programs; provide support throughout the full SDLC ensuring key security and risk strategies are comprehensive, consistent with TRMIS policies/standards, well communicated and appropriately monitored
18

Technology Risk-manager Resume Examples & Samples

  • Effectively manage and motivate client engagement teams with diverse skills and backgrounds. Provide constructive on-the-job feedback/coaching to team members. Foster an innovative and inclusive team-oriented work environment. Play an active role in counseling and mentoring junior consultants within the organization
  • Foster relationships with client personnel at appropriate levels. Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. Manage expectations of client service delivery. Stay abreast of current business and industry trends relevant to the client's business
  • Cultivate and manage business development opportunities. Understand EY and its service lines and actively assess/present ways to serve clients. Develop and maintain long-term client relationships and networks. Develop relationships with team members across all EY practices to serve client needs
  • Demonstrate deep technical capabilities and professional knowledge. Demonstrate ability to quickly assimilate to new knowledge and develop services to meet ongoing client needs. Possess in depth business acumen. Remain current on new developments in advisory services capabilities and industry knowledge
  • A bachelor's degree and a minimum of 5 years of related work experience; or a graduate degree and approximately 4 years of related work experience; a minimum of 3 years of relevant experience at a financial services company or comparable experience working as an advisor to a financial services company
  • A bachelors degree in computer science, engineering, accounting, finance or a related field; MBA or MS degree preferred
  • Demonstrated ability to manage, supervise and build an effective team of technology advisors through all phases of risk technology life cycle, including requirements definition, architecture design, configuration/implementation, conversion and testing
  • Deep knowledge of financial products for banking and trading books; understanding of typical capital markets and other banking instruments, their characteristics and uses in the capital markets
  • Technology experience across the systems development lifecycle supporting one or more of the risk management domains described above (Credit, Market, Liquidity, Enterprise Risk)
  • Demonstrated technology competencies in one or more of following areas
19

Technology Risk Manager Resume Examples & Samples

  • IT Risk and Control management program for the Investor Services line of business
  • Manage and monitor the IT Risk and Control posture for the business, providing management with transparency over what these risks are and how they can be addressed
  • Coordinate all relevant IT Risk and Control activities (e.g., assessment, control testing, monitoring, reporting and remediation activities). Act as a subject matter expert in relation to IT Risk, Control and Security
  • Stakeholder engagement skills, including ability to influence senior management
  • Strong demonstrated knowledge of IT risk management gained as a practitioner
  • Extensive experience in technology or IT Risk and Control management, preferably for financial institution and/or strong background in IT Risk and Control Advisory
  • Industry qualification e.g. CISA, CRISC
20

Technology Risk Manager Resume Examples & Samples

  • Contribute to the development of security architecture and processes aligned to the business strategy
  • Participate in industry forums in the efforts of improvement and development of industry standards
  • Contribute to the design and implementation of innovative security initiatives, analyze existing policies to identify security risks
  • Ensure existing programs are in compliance to MAS TRM guidelines
  • Develop security awareness program to increase awareness across the business
  • Perform risk assessment of PTVA and recommendation mitigation strategies
21

Technology Risk Manager Resume Examples & Samples

  • Operational Risk Management - (technology specific) including: in-depth risk profiling, developing the controls assurance program, and project management around the outsourcing of business operations to third party vendors and suppliers
  • Conducting business unit analysis and providing Risk Management support and advice to Line 1
  • Challenging and educating business units on regulatory change and best practice
22

Infrastructure Technology Risk Manager Resume Examples & Samples

  • Capture, document and understand the key risk drivers, processes and controls for managing IT risk
  • To offer technical direction on the implementation of technology risk mitigation
  • Work with technical Stakeholders to guide improvement of current IT Risk procedures & policies
  • Business Continuity Planning
  • Disaster Recovery
23

Business Technology Risk Manager Resume Examples & Samples

  • Participation as required in support of all strategic objectives established by the CIO and his team
  • Ensuring business understand key security and IT Risk strategies, and how they affect the Corporate Office business lines
  • Comprehension of Federal and Industry based regulations as well as alignment to technology controls
  • Provide assistance to the business to address technology based Audit findings and issues
  • Ensure technology governance methodologies are in place within the business to minimize overall security risks to the Bank
  • Participate in the development of system security awareness and communication training programs across the enterprise to ensure alignment with the overall Technology strategy and compliance to regulatory and/or established Bank system security standards
  • Ensure outsourcing partners adhere to TDBG security policies and standards, by establishing oversight controls, and by ensuring risk has been mitigated to protect the Bank
  • Participate in the development of on-going Technology Risk reporting, monitoring key trends and/or breaches
  • Stay current with emerging technology advancements / trends, and regulations to support business needs and leverage a highly capable management team, actively developing and deploying talent across the business
24

Business Technology Risk Manager Resume Examples & Samples

  • Protect the organization from business risks associated with technology, interfacing with business and technology leads
  • Continually demonstrate initiative and leadership as the Information Security and IT Risk representative for TD Insurance, for all relevant issues, events, and programs
  • Provide a point of coordination for TD Insurance for various security related activities within the central Technology Risk Management and Information Security team
  • Ensure escalation and notification for security and IT Risk related issues
  • Participate in a “State of Health” program for the business, including reporting, planning and prioritization of key risks
  • Participate as required in support of all strategic objectives established by the CIO and their team
  • Ensure business understand key security and IT Risk strategies, and how they affect TDI
  • Understand applicable federal, provincial and industry based regulations and their alignment to technology controls
  • Provide guidance and/or consulting service to technology/business partners on key technology initiatives and provide expertise in the areas of Computer Forensic Services, Incident Response Management, Vulnerability Management and Reporting and Managed Security Services
  • Ensure outsourcing partners adhere to TD security policies and standards, by establishing oversight controls, and by ensuring risk has been mitigated to protect the Bank
25

Senior Technology Risk Manager Resume Examples & Samples

  • Assisting in the enhancement and implementation of the Technology Risk, out-sourcing / Vendor Risk management framework
  • Work closely with the business to advise, review and challenge on all aspects of Operational Risks associated with Technology
  • Monitoring, assessing and reporting on Risk registers, breaches and incident management
26

Technology Risk Manager Resume Examples & Samples

  • 7+ years of relevant experience in a Technology Risk role
  • Previous experience with Mutual Funds, Risk Management, Risk Reporting/Analysis, and Sarbanes Oxley
  • Degree in Computer Science, Management of Information Systems or Engineering
  • CRISC certification
  • Experience in Asset Management
  • Experience using Archer
27

Technology Risk Manager Resume Examples & Samples

  • Effectively communicating and liaising with multiple internal stakeholders from across the business
  • Providing relevant risk management insights that are supportive to key business initiatives
  • Advice, design and update IT Risk Management procedures
  • Pragmatic approach in regards to the operational risk and compliance management frameworks and the business strategy
  • Hands on Information Technology, Audit or Risk experience
  • Financial Services exposure is desirable
  • Possess extensive working knowledge in IT service continuity, disaster recovery and business continuity
  • Working knowledge in operational risk management and compliance disciplines
  • Proficient interpersonal skills
28

Senior Technology Risk Manager Resume Examples & Samples

  • Be responsible for establishing strong working relationships with Application Development, Information Security, Continuity of Business, as well as other Business/Operations/Infrastructure Risk Management teams
  • Coordinate Business As Usual (BAU) activities, overseeing Risk & Control activities. Provide assistance to application owners/management team to ensure Risk & Control issues and initiatives are addressed timely
  • Assist technology teams in responding to audit requests, perform review of deliverables for completeness and accuracy as needed
  • Work with the Risk & Control teams to analyse latest program and project scorecards, preparing execute summary reports for IT & Control management
  • Perform Managers Control Assessment (MCA) testing of IT General Controls. Analyse test results and open corrective action plans as needed. Identify emerging risks and prepare Quarterly Risk Assessment (QRA) documents to summarize overall MCA results
  • Facilitate compliance with Citigroup Policies, Standards and Regulations, such as but not limited to Sarbanes Oxley (Sox-404), Dodd Frank, Volcker, Operational Risk, Export License, Vendor Management, Data Privacy, etc
  • Perform and report on trend analysis, identifying opportunities for process improvements
  • Minimum 3 years of experience in Audit, Information Security or Risk Management
  • Experience performing IT Business Analysis, Project Management or similar work is an advantage
  • Previous experience in Production Support and Application Development roles is an advantage
  • Strong knowledge of Microsoft Office with Excel, Outlook, and PowerPoint skills (VBA, SQL is a plus)
  • Higher degree
  • Industry certifications, such as CISA, CISM, CRISC, CISSP would be an advantage
  • Good organizational skills, ability to work under pressure and prioritize within tight deadlines while maintaining total accuracy
  • Ability to analyse large amounts of data, decipher items relevant to the development unit covered, and determine corresponding risk
  • Possess the ability to develop and maintain good working relationships with various levels of management
29

Technology Risk Manager Resume Examples & Samples

  • Establish the organisations overall Technology Risk strategy and assist Technology to embed through a robust implementation plan
  • Provide high level management and advice to the organisations disaster recovery and contingency planning
  • Direct the delivery of various risk activities resulting in significant improvements to the technology control environment and Technology Risk profile for the group
  • Ensures that EUS information policies and procedures provide compliance with regulatory and organisational requirements and frameworks, and that they are sound, effective, and well understood to minimise risk
  • Report through formal channels on any significant risks and issues
  • Manage and report on the ongoing audit process
  • Define and measure ANZ’s Technology Risk provision against industry benchmarks ensuring alignment of control to best practice
  • Direct the audit and compliance remediation programs and establish an effective ANZ wide Technology Risk capability to delivery ongoing risk reduction and regulatory compliance
  • Identify emerging threats, vulnerabilities and control techniques and lead the provision of pre-emptive, detective and reactive response capabilities for ANZ
  • Maintain relationships with Regulators and External Audit covering Technology Risk provision
  • Identify current and potential legal and regulatory issues affecting the provision of technology across the region and assess and manage their impact on ANZ
  • Direct the development and enforcement risk policies, procedures and standards in compliance with ANZ internal and external regulations and standards
  • Develop strategy and continuously enhance the execution of Technology Risk management policies and methodologies
  • Role Location: 30f MDC 100 Building, Eastwood City & 12f Solaris One Building Dela Rosa St. Makati Ctiy
  • Shuttle Services provided for staff with pick up points in Cubao & Makati
  • Shift: Morning Shift
30

Technology Risk Manager Resume Examples & Samples

  • Assist the team with managing the appropriate risk profiles for the business whilst maintaining the relevant controls
  • Help to embed the risk management framework into the business, whilst working with the associated stakeholders to drive risk culture and increase risk awareness in the organisation
  • Manage the operational risk incidents in line with the appropriate standards and maintain the issue management framework
  • Work with senior management on ad hoc risk management tasks as required
  • Coach and mentor junior team members
31

Technology Risk Manager, Senior Manager Resume Examples & Samples

  • Build relationships with key stakeholders in the EMEA region, including Technology, Compliance, Legal, Sourcing & Vendor Management, Business and Technology Resilience, and Operational Risk Management counterparts
  • Advise technology project leaders and stakeholders of the risk management and control requirements for new systems and major system changes
  • Collate, analyse and report key risk indicators in the Technology leadership
32

Technology Risk Manager Resume Examples & Samples

  • Managing the integration of applications into the operational support model
  • Resolution ownership of technical complexities
  • Controls adherence / oversight for all onboarding activities
  • Implement risk management controls across multiple Lines of Businesses are a must
  • Accountable for implementation of strategic initiatives related to new or enhanced security products and toolsets on supported environments
  • Identify, define, approve and ensure implementation of continuous process improvements utilizing various tools and methodologies
  • Manage operational risk and ensure compliance to all internal and external policies and regulations
  • Ensure appropriate control environment is developed and maintained
  • Ensure successful implementation of action plans to address risk and control issues
  • Promote security awareness across the firm on an on-going basis
  • Bachelor's Degree in related field or equivalent experience
  • 7+ experience in IT Risk Management, specifically Identity & Access Management
  • 5+ years Program/Project Management Experience
  • Bachelor’s Degree preferred; MBA or a masters degree in Risk Management, Operations or similar discipline preferred or equivalent experience
33

Technology Risk Manager Resume Examples & Samples

  • Function as a subject matter expert on matters of technology risk including information security risks within the IT organization
  • Provide technology risk expertise and consulting for projects and initiatives with high risk and/or high value to the organization
  • Consult on potential risks and issues to ensure the risk is properly identified, documented, and addressed
  • Perform risk analysis on identified risks and issues
  • Review management action plans to assess effectiveness of proposed remediation and appropriateness of the timeline
  • Educate and train IT teams in practices of technology risk management to be performed by the 1st line of defense
  • Identify emerging risks, reporting issues and providing appropriate risk-based coverage for supported IT business units
  • 3 -- 5 years of experience in IT Audit, IT Risk Management, or Information Security
  • Experience in the banking industry; preferably at a financial holding company (FHC)
  • Knowledge and experience in performing assessments aligned with Federal Financial Institutions Examination Council (FFIEC) guidance and information security-related standards such as COBIT, ISO2700x, and PCI-DSS
  • Industry designation preferred (e.g., CRISC, CISA, CISSP, CISM)
  • BS/BA or equivalent experience required
  • Advanced consultative skills with the ability to build collaborative relationships with all levels of an organization
  • Strong written and oral communications skills including the ability to create organized and articulate summaries of risk assessment findings/points of view that are easily understood by teammates, LOBs, etc
  • Well-developed analytical, problem solving, organization and time management skills
  • Strong detail orientation with ability to research, compile, and report on data
  • Self-motivation and direction
  • Ability to work effectively as a member of a cross-functional team
34

Technology Risk Manager Resume Examples & Samples

  • To support the Technology Risk Oversight Manager in the oversight and challenge of Technology Risks faced by the business for all business as usual activities and all in scope projects, programs and change initiatives
  • To oversee the business application of the specific Technology and CISO Minimum Standards providing challenge as necessary to oversee 1LoD compliance and effectiveness
  • To monitor external sources & build internal relationships to identify, evaluate and assess evolving Technology threats, opportunities and best practice
  • To support the Technology Risk Oversight Manger in the provision of expert input to Technology Services and CISO related Governance, Assurance, Executive Briefings, Group initiatives and activities and Incident support
  • To support the definition, management and measurement of Technology Services and CISO KRI’s to support the monitoring and action planning to support the maintenance of compliance with the risk appetite
  • To embed and maintain the Direct Line Group Enterprise Risk management Framework by providing IT appropriate challenge to risks events and action plan tracking and closure
35

Global Core Technology Risk Manager Resume Examples & Samples

  • Perform a strong matrix management role with Regional CBORC Tech risk leaders to build a picture of our risk profile in a manner which allows the O&T CBORC leader to understand our existing risk landscape, where our areas of risk and control vulnerability exist and how to work with the Global Operations team to reduce and mitigate Residual risk levels
  • Build a strong relationship with GCB CIO’s to be their key Senior Tech Risk partner/challenger
  • Ensure there is a strong Escalation culture throughout Global Technology
  • Orchestrate and drive the successful & timely completion of regulatory and Audit commitments working in partnership with all relevant stakeholders
  • Communicate to all stakeholders (including Senior Management) on a timely basis in a clear way
  • Draft and present decks and assist in the preparation of Committee meeting agendas and minutes
  • Assist in responding to requests for information and documents from the company’s internal and external auditors, regulators, and other stakeholders
  • Identifies reputational risk and its operational /financial cause/effects. Manages situations that create risk and legal liabilities for Citi
  • Actively participate in Enterprise O&T Leadership Team forums, as appropriate
  • 10-15 years’ experience in a dynamic Technology Risk and Control environment
  • Exemplary written and oral communication skills which can be leveraged to consistently succeed at all levels of the organization
  • Minimum education at a Bachelor's Degree level
  • Experience in working with Citi Risk and Control tools which are relevant to a dynamic Operations environment – e.g. Change Management, Agile, MCA, KRI’s, CitiRisk etc
36

Technology Risk Manager Resume Examples & Samples

  • Bachelor’s Degree in Information Technology, Information Systems Security, Cybersecurity, or related field
  • 4+ years of relevant consulting or industry experience
  • Proven expertise with FISCAM methodology
37

Technology Risk Manager Resume Examples & Samples

  • Review existing technology risks and maintain a process of continuous improvement
  • Identify risk correlations and trends for reporting purposes
  • Continuously assess the Technology Risk inherent and residual risk profile to facilitate accurate stakeholder reporting
  • Determine and identify new emerging risks
  • Assist in drawing out operational risks during risk workshops, relevant meetings and discussions
  • Work closely with Second and Third Lines of Defence to ensure Technology Services operates within risk appetite or identifies required remediation activity
  • Define and provide guidance to aid the identification, assessment, management and recording of operational risks at all levels
  • Support the Technology Risk team to drive improvements and efficiency for processes and approaches to manage and mitigate risks
  • Engage with senior stakeholders across DLG to ensure that the Risk Universe is used as an active risk management tool to inform decisions within Technology Risk
  • Work with wider Technology Risk Leadership team to create and provide training to embed the Risk universe, KRI’s and Risk Appetite
  • A track record of undertaking risk assessments in an IT and Change environment in an outsourced environment
  • Excellent leadership qualities and influential in winning support from senior stakeholders
  • Knowledge of industry standard risk frameworks (e.g COBIT, ITIL, NIST)
  • Ability to work independently and proactively
  • Preferred but not mandatory – ISACA Certification (CRISC, CISA, CISM, CGEIT)
38

Asia Technology Risk Manager Resume Examples & Samples

  • Build a strong relationship with the GCT Asia/EMEA Leadership Team and be their key Senior Tech Risk partner/challenger. Establish a close partnership with the CBORC GCB Asia team to drive consistent risk management practices across the Region
  • Play a key role in setting the right strategy for Risk and Control in the Region
  • In depth knowledge of Technology risk and control tools and techniques and an ability to coach and manage others in using them
  • Establish governance with first, second and third line of defense of identifying and managing in-country risks for consumer technology. Engage in appropriate key regional and country risk forums, BRCC/CLCC, Internal & External Audit Exams for Consumer Tech
  • Perform targeted regulatory/customer data privacy and compliance assessments
  • Perform targeted reviews of in-country tech processes and execution maturity
  • Provide Tech Risk Control coverage for 10 GCB product lines, covering App Development and Support Services. This includes risk maturity reviews of product suite of applications; evaluate applications’ compliance with local regulatory and Data privacy requirements as well as resilience risk reviews
  • Oversee the Digital Risk Control coverage across Digital Business, Operations and Technology functions across Asia/Emea. This includes reviews to identify potential risk based on Software Development metrics, Software Configuration Management processes and Change Management processes and tools
  • Leadership role for all 6 GCT COEs across the region. Perform targeted site risk review, reviews on outsourcing & insourcing efforts as well as ensure that we maintain and appropriate document the risk profile for the COEs
  • Build strong relationships with Risk, Control and O&T leaders
  • Be able to work with Technology teams (directly) as well as business teams to ensure adequate preparation for upcoming audits and exams
  • Manage capacity and program alignment cooperatively across the portfolio, strategic planning
  • Strong People Management skills. Ability to lead, coach and develop direct reports across the organization. Focus on leading a productive work environment and drive employee engagement efforts across the organization in order to drive the culture with the team
  • Assesses the spectrum of risks and how those risks arise from all new product offerings for respective coverage groups
  • 10 years’ experience in a dynamic Technology Risk and Control environment
  • Demonstrated track record in bringing value to the CIO through being an effective Partner and Challenger in the right circumstances
  • Demonstrated ability to independently operate in a complex, cross Line of business environment
  • Experience and ease in interfacing with Senior Management and Regulators
  • Individual should be analytical, flexible, team-oriented, have good interpersonal, communication, and follow-up skills with strong attention to detail and ability to multi-task
  • Governance experience essential
39

Director Technology Risk Manager Resume Examples & Samples

  • Responsible for establishing and managing key components of the IHC-wide technology risk management program in alignment with global BNPP RISK target operating models, supporting the IHC Head of Technology Risk
  • Responsible for cascading the IHC-wide technology risk program into designated subsidiaries, including CIB Americas, in alignment with the CIB RISK ORC Operational risk program
  • Promotes and drives risk awareness, management, and governance corporate-wide as it relates to technology related operational risks
  • Reviews, analyzes and makes recommendations regarding the design and implementation of the operational risk management framework as applicable and required for technology risk
  • Where appropriate, leads teams of Technology Risk professionals in support of bank-wide operational risk goals and objectives to drive clarity as to potential areas of material technology risk
  • Develops and refines the program to ensure a sound approach to understanding the technology risk appetite and posture with supporting metrics, assessment results and other data input as needed
  • Develop methodologies and practices to refine the technology risk framework that drives risk-aware, transparent decision making
  • Matures the risk based metrics, scorecards and dashboards to track performance as well as identify and monitor trends across the Bank
  • Prepares Risk Reporting or participates with coordinated reporting, as requested
  • Builds proactive and influential working relationships with senior management
  • As necessary, acts as a liaison for the department, maintaining effective and professional relationships with information technology, information security, Third Party Program Office, Business Continuity Management, business and support areas, internal and external auditors, Federal and State regulators, and others dealt with in a professional capacity
  • Assists across the company in supervising, directing, training, mentoring, and evaluating staff, and in developing a strong team effort among the staff members
  • Stays current in technology specific operational risk management techniques, industry best practices, and regulatory requirements
40

Technology Risk Manager Resume Examples & Samples

  • Evaluate current compliance needs
  • Design appropriate remediation and monitoring programs
  • Implement automation and reporting where possible to build compliance into repeatable technology processes
  • Facilitate external audits by working with internal contacts, collecting evidence and providing feedback to both internal customers as well as the auditors to keep the project on target and on budget
  • Manage stabilized operational compliance programs
41

Technology Risk Manager Resume Examples & Samples

  • Manage regulatory relationships and drive inspection proceedings
  • Drive and manage Technology risk initiatives and target reviews across DBS group
  • Facilitate Technology Risk, Control and Quality forum to ensure its effectiveness through agenda coverage and robust discussion across tech groups and locations
  • Assess regulatory (e.g. MAS, HKMA, CBRC, OJK, RBI, etc) changes impacting technology and drive related risk mitigation program with technology stakeholders
  • Proactive in forging effective engagement with key stakeholders on risk management, control and governance matters
  • Build relationships with technology stakeholders to pro-actively identify issues, ensure IT is effectively driving remediation activities and to continuously improve IT risk posture
  • Design and implement IT risk measures as part of the bank’s technology risk monitoring process
42

China Technology Risk Manager Resume Examples & Samples

  • 5-8 years of working experience in technology, technology risk management
  • Strong written and verbal communication skills (Chinese and English) with the ability to interact effectively with people at all levels of the organization
  • Work independently under minimum supervision
  • Strong interpersonal skills and ability to build and maintain professional working relationships with business partners, auditors and examiners
43

Technology Risk-manager Resume Examples & Samples

  • Develop and manage project plans and functional specifications
  • Build and manage relationships, involving interactions with senior client stakeholders
  • Train junior staff members in the Technology Advisory team
  • Work with senior leaders on proposals and the delivery of technology solutions
  • Have experience in
  • Lead engagements and supervise junior team members
  • Apply expert knowledge of the use and impact of IT on clients’ business and industry in order to identify potential issues or business opportunities
  • Make recommendations on the use of technology enablers and industry points of view
  • Experience in project governance and risk, IT Service Continuity, Cloud Risk, Information Security Management
  • Experience and exposure across a broad range of technology services such as IT strategy and operating models, designing cloud-based strategies, business analysis and sourcing of technology solutions
44

Senior Technology Risk Manager Resume Examples & Samples

  • Lead 2LoD oversight and challenge of the Technology risks faced by the business, for all business as usual activities and all in scope projects, programs and change initiatives
  • You will monitor the setting and management of the Technology Services and CISO risk appetite statements
  • Devise and lead all 2LoD assurance activities relating to Technology Services and CISO, including the assessment of appropriateness of 1LoD controls, their implementation and associated risk management practices
  • Oversee the business application of the specific Technology and CISO Minimum Standards providing challenge as necessary to oversee 1LoD compliance and effectiveness
  • Help develop and maintain external and internal contacts to identify, evaluate and assess evolving Technology threats, opportunities and best practice
  • Provide expert input to Technology Services and CISO related Governance, Assurance, Executive Briefings, Group initiatives and activities and Incident support
  • Lead & represent 2LoD Risk at the Risk and Security Management Committee, and lead all 2Lod reporting activity to the Boards and Committees of the Group
  • Support the definition, management and measurement of Technology Services and CISO KRI’s to support the monitoring and action planning to support the maintenance of compliance with the risk appetite
  • Take full responsibility to embed and maintain the Direct Line Group Enterprise Risk management Framework by providing IT appropriate challenge to risks events and action plan tracking and closure
  • Strong 2LoD Enterprise Risk background, with previous experience managing business relationships
  • Experience working in a risk function providing oversight and challenge to Technology Services and CISO functions
  • Demonstrable ability to influence and challenge senior management
  • Technology/ Risk accreditations - CISA/ CRISC/ CISSP
  • Financial services sector experience, preferably within Insurance
45

Msbna Technology Risk Manager Resume Examples & Samples

  • Managing the annual Technology Risk and Control Self-Assessment control effectiveness and residual risk rating activities
  • Managing and preparing technology risk reporting for governance forums, including: monthly Risk Working Group and Technology and Security Risk Management Committees, and quarterly Technology Steering Committees, Management Committees, and Board presentations
  • Tracking Bank impacting technology risks and influencing the prioritization of remediation activities
  • Gathering and reviewing technology risk metrics in order to assess risk and their relative impact to the Bank
  • Attending legal entity, technology, and information security governance forums to represent Bank interests
  • Managing the processing of technology risk acceptances for Bank specific risks
  • Participating in response to technology Bank specific regulatory requests
  • Performing annual updates to technology risk related policies and procedures
  • Conducting due diligence for New Product Approvals in order to determine technology impact, including identifying in-scope applications, determining any potential development work required, and working with developers to obtain flow diagrams
  • Bachelor's degree in Business, Economics, Finance or Information Technology
  • Seven to ten years of experience in a similar role
  • High level of attention to detail and focus on precision
  • Excellent oral and written communication skills and ability to communicate to senior level management
  • Strong managerial skills relating to project management and policy and procedure formation
  • Solid interpersonal skills, with an ability to navigate complex organizations and build and maintain relationships
  • Strong foundational knowledge of SDLC, technology operations, information security, and technology governance practices
  • Knowledge of banking products and bank regulatory environment is a plus
  • CRISC, CISA, CISM, or CISSP accreditation preferred. ISACA membership desired
  • Working knowledge of the FFIEC IT Handbook and OCC Heightened Standards a plus