This is a remote role that may be hired in several markets across the United States.
This position is responsible for providing independent risk oversight of Technology risk. Successful independent Technology risk oversight is driven by a combination of industry, technology, cybersecurity, and/or Large Bank experience in order to apply Enterprise Risk Management ("ERM") and Operational Risk Management ("ORM") frameworks. Performs effective risk identification, measurement, and assessment activities in the areas of technology Infrastructure and Networking, Cloud and Virtualization, Mainframe, related Architecture, and other domains in technology. Oversees the effective implementation of risk management and assessment activities within the Technology setting, including policies and standards for Risk Identification and Assessment, Risk Control Self Assessments ("RCSAs"), and Key Controls & Mitigation. Collaborates with regulators on continuous monitoring and exam management for business units and enterprise-wide business support groups in order to manage risk cross-functional issues. Establishes and maintains relationships with key internal stakeholders across the Three Lines of Defense, providing support for management and technology governance. Acts as the subject matter expert for technology risk identification, measurement, and assessment activities. Identifies opportunities for program improvement, consistent application of risk principles, and regulatory compliance monitoring. Develops and executes on resolutions of complex problems that require the frequent use of creativity. Uses judgment and risk-based approach within broadly defined policies and practices.
Responsibilities
- Risk Management - Oversees first-line execution of risk management policies, standards, and procedures. Collaborates with other key stakeholders across the organization to ensure appropriateness of and compliance with ERM and ORM program requirements. Maintains productive relationships with key stakeholders to ensure effective engagement. Communicates risk vision and regulatory requirements to stakeholders. Develops relationships and remains active within professional networks to stay abreast of current and emerging issues and relevant trends in technology.
- Subject matter expertise – Provides credible and effective risk-focused review and challenge to technology related business activities, initiatives and risk assessments based on technology domain knowledge and gained expertise in technology areas. Focus areas are Infrastructure and Networking, Cloud and Virtualization, Mainframe, End-user Computing, and related Architecture.
- Committees and Projects - Provides support for other ERM & ORM programs and initiatives. Participates as a risk advisor on project teams or governance structures to provide guidance on risk best practices, processes, and regulatory requirements.
- Audit and Regulatory Support – Assists in managing preparation activities for ORM Internal Audit and regulatory exams. Partners with managers to ensure components are received in a timely manner for posting prior to exam start.
Qualifications
Bachelor's Degree and 6 years of experience in Financial Services, Enterprise Risk Management, Operational Risk Management, Compliance, Audit, Finance, or Accounting OR High School Diploma or GED and 10 years of experience in Financial Services, Enterprise Risk Management, Operational Risk Management, Compliance, Audit, Finance, or Accounting.
- 3 years of experience in Technology Risk Management in a regulated industry.
- Hands-on direct exposure to technology systems infrastructure (e.g., networking, hosting, cloud, virtualization, mainframe).
- Knowledge of regulatory guidance and industry frameworks pertaining to technology related aspects (i.e., FFIEC IT Handbook, NIST, ISO, ITIL, CCM etc.).
Preferred Additional Qualifications
- Relevant industry certifications (e.g., CISSP, CISA, CCSP, CCNA).
- Experience working in Risk Lines in a Large Financial Institution ($100B+ in assets) setting.
- Previous management role in technology functions aligned with IT Infrastructure.
This job posting is expected to remain active for 15 days from the initial posting date listed above. If it is necessary to extend this deadline, the posting will remain active as appropriate. Job postings may come down early due to business need or a high volume of applicants.
The base pay for this position is generally between $105,000.00 and $145,000.00. Actual starting base pay will be determined based on skills, experience, location, and other non-discriminatory factors permitted by law. For some roles, total compensation may also include variable incentives, bonuses, benefits, and/or other awards as outlined in the offer of employment.
First Citizens benefits programs are designed to meet our associates where they are in life. Full-time associates (20+ hours) are offered a comprehensive benefits program, with customized offerings, including those designed to support families, however defined. More information regarding our benefits offerings can be found here: https://jobs.firstcitizens.com/benefits.
#J-18808-Ljbffr