This role will work with a team of First Line Risk Management associates responsible for working across Information Technology to develop and implement cutting edge risk solutions to ensure the Bank's continued stability and success.

The IT Risk Officer will partner with IT Senior Leadership and their teams to identify risks in an open, collaborative environment where new ideas and solutions are both welcomed and rewarded. Responsible for providing proactive guidance on potential issues or risks related to their risk management, governance and oversight processes and sharing technology industry risk best practices with an IT Business Unit. Demonstrate expertise on IT Business Unit functions, including data reporting and analytics, data privacy, and data protection. Consult on the design and implementation of appropriate controls to mitigate risks to an acceptable level. In addition, will manage key risk activities and work with stakeholders on new and changing risk programs.

• Risk Consulting: Provides objective oversight of risks through a best-in-class consultative approach using defined methodologies and subject matter expertise. Provides leadership, consultation, and support for risk management. Fosters business unit relationships and implements training to promote engagement in risk management programs, including compliance with all risk policies and standards. Assist with the creation and delivery of presentations, workshops, and other materials as necessary to communicate risk management tactics. Will guide and mentor junior associates in the department.

• Providing support for business programs, initiatives, and leaders. Serves as a consultant on risk best practices, processes, and regulatory requirements. Provides advisory services, preparation, and on-time deliverables during internal or regulatory audits and remediation efforts. Facilitates reporting and interdepartmental collaboration. Raise attention to Leadership concerning risk areas with potential adverse perceptions of the BU.

• Facilitate Risk and Control Self-Assessments (RCSA): Coordinate with Technology SME's, First Line Risk Management teams, and Second Line of Defense (LOD) Risk Management Teams, to facilitate RCSA execution. Leverage applicable risk assessments and remediation work to identify new controls or modify existing controls. Partner with Control Testing teams to ensure RCSAs are tested within the appropriate timeframe. Design and validate controls to reduce technology/security risks. This involves building strong partnerships across LOD's and Information Security risk peers.

• Business Continuity Planning/Business Impact Analysis: In partnership with Information Technology stakeholders and Business Continuity professionals, provide consultation and facilitate the completion of the business continuity plans (BCP) and Business Impact Analysis (BIA).

• Risk Management Proficiency: Maintains a strong knowledge of risk management developments or changes within the organization, industry, and market. Develops active relationships within professional networks to stay current on emerging issues and regulatory requirements. Communicates risk vision and regulatory requirements to applicable stakeholders, including less experienced associates in the work group. Maintain knowledge of IT industry frameworks (e.g., COBIT) and regulatory handbooks (e.g., FFIEC IT Handbooks).

The base pay for this position is relative to your experience but the range is generally $130,826 to $ per year 200,600.

Bachelor's Degree and 6 years of experience in Financial Services, Risk Management, Operational Risk Management, Compliance, Audit, Finance or Accounting OR High School Diploma or GED and 10 years of experience in Financial Services, Risk Management, Operational Risk Management, Compliance, Audit, Finance or Accounting

Preferred Area of Experience: Operational Risk Management in an IT organization

License or Certification Type: Certified in Risk and Information Systems Control (CRISC) Required, Other relevant certification such as CISSP, CDPSE, CISM, CISA Preferred

Skill(s):

• • Knowledge of risk techniques and practices,
  • Ability to work effectively with associates, managers, senior executives, and committees,
  • Knowledge of regulatory guidance pertaining to enterprise risk and operational risk
  • Experience working in IT Business Unit functions, including data reporting and analytics, data privacy, and data protection.
  • Facilitate Risk and Control Self-Assessments (RCSA)
  • Business Continuity Planning/Business Impact Analysis
  • Risk Management Proficiency
  • Risk Oversight & Monitoring