- Provides 2nd Line risk oversight of the Information Risk Management Program and provides direct 2nd Line support for the Information Technology, Information Security, Business Continuity Management and Records Management Programs, including policies/standards/procedures, strategies, material risks, risk reporting routines and metrics.
- Independently serves as a trusted partner and risk advisor to key stakeholders and business partners across all lines of defense.
- Credible review and challenge of 1st Line Risk and Control Self-Assessments, including process mapping, identification and assessment of risk, identification of controls, and assessments of control design and effectiveness.
- Provide direct support for regulatory exams and interactions, including assessing risk remediation activities.
- Perform independent risk assessments of information risk management related disciplines, including information technology, information security, business continuity management and disaster recovery and records management.
- Positively contribute to the risk culture and overall awareness of information risk and contribute to the creation and delivery of information risk management training.
- Escalate, report and communicate information risk management matters to executive management and/or regulatory bodies.
- 8+ years of related experience; ideally a combination of Technology Risk (1st or 2nd line), IT Audit (3rd line) and/or 1st line Information Technology or Information Security experience.
- Experience in Banking / Financial Services/Insurance.
- Bachelor's degree in the field of IT, Information Security or related field; Master's degree preferred.
- Must actively hold one or more recognized industry certifications (CISA, CISM, CRISC, etc.)
- Thought leader, strategic and critical thinker, problem solver.
- Ability to work well both independently and collaboratively as a member of the team.
- Ability to multi-task, work in a fast-paced environment and adapt to change.
- Ability to influence with strong written and verbal communication skills.
- Integrity, combined with high personal and professional standards.
- Strong program and project management skills/capabilities
- Risk Management Processes: Risk Identification, Risk Assessment, Risk Treatment Measures including Risk Acceptance, Governance including Measuring/Monitoring/Reporting, Risk Aggregation, Control Assessments & Controls Testing, RCSA, etc.
- Information Technology Processes: asset management, change management, incident/problem management, patch management, Software Development Lifecycle (SDLC), release management, capacity/performance management, data/records management and destruction, backup and recovery, etc.
- Information Security Processes: Identity and access management, privileged access management, generic ID management, threat intelligence, vulnerability management, secure coding practices, data security and encryption, phishing, forensics, mobile security, third-party, etc.
- Business Continuity Management including Business Impact Analysis and Disaster Recovery Planning.
- Technical skills and capabilities (general understanding and/or working knowledge of several of the below examples is a minimum requirement): Microsoft Windows Server/Desktop, Red Hat Linux, IBM AIX, IBM Mainframe/Midrange, VMWare ESXi, LAN/WAN/MAN Networking, Firewall Technologies, Intrusion Detection/Prevention Systems (IDP/IPS), Security Information and Event Management (SIEM), Cloud Computing, Governance Risk and Compliance (GRC) Tools, Web Proxies, SQL/Oracle/DB2 Database Technologies, Data Leakage Protection (DLP), Storage Area Networks (SAN) and Network Attached Storage (NAS), Email Systems, End-User Computing, Web Servers, Middleware Technologies, Microsoft SharePoint.
- Data Analysis skills in Excel, with visualization skills in PowerBI or Tableau a plus
- Regulatory Knowledge: Gramm-Leach Bliley Act (GLBA), Sarbanes-Oxley (SOX), OCC Heightened Standards, FFIEC Guidelines, Health Insurance Portability and Accountability Act (HIPAA), New York Department of Financial Services (NYDFS) Cybersecurity Regulation, EU General Data Protection Regulation (GDPR).
- Knowledge of Industry-Standard Frameworks: NIST Cybersecurity Framework, SAN/CIS Critical Security Controls, ISO 9001/20000/22301/27001/31000, ISACA COBIT, COSO 2013.
- Greater NYC, with Madison Ave Location
- Reports to the Head of CIB Information Risk Management
- Extended hours may be required as dictated by management and business needs.
- Hybrid - 2 days in office, 3 days remote.
-
Consultant - Financial Risk Management
2 days ago
Capco New York, United StatesAls globale Unternehmensberatung mit Fokus auf die Finanzdienstleistungsbranche kombinieren wir bei Capco innovatives Denken mit einzigartigem Know-How. So divers wie unsere Mitatbeiter*, sind auch unsere Lösungen, die wir unseren Kunden anbieten. Bring' Dich ein und setze Deine ...
-
Risk Manager
1 week ago
Bloomberg New York, United StatesRisk Manager - News & Media - Chief Risk Office · New York, NY · Posted May 22, Requisition No · The energy of a newsroom, the pace of a trading floor, the buzz of a recent tech breakthrough; we work hard, and we work fast - while keeping up the quality and accuracy we're know ...
-
Manager Risk Management
6 days ago
Fusion Solutions, LLC New York, United StatesJob Summary: · The Risk Management Manager reports to the hospital's Director of Risk Management. The Risk Management Manager supports the hospital's Department of Risk Management in day-to-day activities, which include, but not limited to: · Managing the online incident reportin ...
-
Risk Manager
6 days ago
Bloomberg New York, United StatesRisk Manager - Core Product - Chief Risk Office · **New York, NY** · Posted May 22, Requisition No · The energy of a newsroom, the pace of a trading floor, the buzz of a recent tech breakthrough; we work hard, and we work fast - while keeping up the quality and accuracy we're ...
-
Risk Manager
1 week ago
Hudson River Trading New York, United StatesHudson River Trading is hiring a Corporate Credit Risk Manager for our NYC office. You will be responsible for designing, improving, managing, and communicating market and liquidity risk for corporate credit-related instruments and strategies. You will own and manage all aspects ...
-
Enterprise Risk Manager
1 week ago
Early Warning New York, United States Full timeAt Early Warning, we've powered and protected the U.S. financial system for over thirty years with cutting-edge solutions like Zelle, PazeSM, and so much more. As a trusted name in payments, we partner with thousands of institutions to increase access to financial services and pr ...
-
Liquidity Risk Manager
2 weeks ago
Morgan Stanley New York, United StatesLiquidity Risk Manager - Analyst Job Number: · Posting Date · :May 21, 2024 Primary Location · :Americas-United States of America-New York-New YorkEducation Level:Bachelor's Degree Job · :Liquidity RiskEmployment Type:Full TimeJob Level:Analyst Description Morgan Stanl ...
-
Operational Risk Manager
1 hour ago
Crédit Agricole CIB New York, United States CDIDescription du poste · Operational Risk professional (1LoD or 2LoD) with at least 7 years of experience, knows and understands well Corporate Investment Banking (CIB) products and services, has experience dealing with regulators, and ability to lead and drive change for effectiv ...
-
Risk Management Consultant
2 weeks ago
Dexian New York, United StatesRisk Management Consultant - RCSA · New York, NY OR Charlotte, NC: Locals Only · 9 + Months · Onsite Day 1: Hybrid Model: 3 Days Onsite Per Week · Must Have: · RCSA: Risk and Control Self-Assessment · In this role, you will: · Write, review, and publish Markets Division documenta ...
-
Clinical Risk Manager
1 week ago
PRA Health Sciences New Jersey, United StatesOverview · ICON plc is a world-leading healthcare intelligence and clinical research organization. We're proud to foster an inclusive environment driving innovation and excellence, and we welcome you to join us on our mission to shape the future of clinical development as a Clin ...
-
Investment Risk Manager
3 weeks ago
Man Group New York, United StatesSpecific responsibilities · Ensure risk is well monitored and supervised across funds, and develop expertise in our risk management processes and infrastructure · Working closely with PMs and investment teams to ensure awareness of the current risk profile and identify tools requ ...
-
Model Risk Manager
6 days ago
IDB Bank New York, United States Full timeCompany Description · For more than 70 years, IDB Bank has made it our mission to be the best bank for our clients by putting their needs first, and the success we've enjoyed fundamentally comes down to our people. Here at IDB, you'll work side by side with some of the most tale ...
-
Financial Risk Management
2 days ago
EY New York, United StatesThe opportunity · to manage a portfolio of talent within a designated service line Excellent training and development prospects, both through established programs and on-the-job training · An excellent team of senior colleagues, dedicated to managing and varying your workload ...
-
Senior Risk Manager – ESG Risk
1 week ago
Natixis Corporate & Investment Banking New York, United StatesThe ERM team for the Americas, supporting the Chief Risk Officer for the Combined US Operations (CUSO), contributes to the development of the activity by facilitating the objectives of the Business Lines while maintaining independent oversight through risk evaluation and monitori ...
-
Risk Management Coordinator
2 weeks ago
Mount Sinai Hospital New York, United States Full timeJob Description · The Risk Management Coordinator reports to the Director of Risk Management and Patient Safety. The Risk Management Coordinator supports the hospital's Department of Risk Management and Patient Safety in day-to-day activities, which include, but not limited to: ...
-
Clinical Risk Manager
2 weeks ago
Mount Sinai Hospital New York, United States Full timeJob Description · The Clinical Risk Manager reports to the Director of Risk Management and Patient Safety and is responsible for reviewing, summarizing, analyzing, presenting and monitoring safety events, claims management, loss prevention and reduction, patient safety related qu ...
-
Operational Risk Management
1 week ago
Adecco New York, United StatesJob Description · Job DescriptionAdecco's Permanent Recruitment team is assisting a large financial institution in New York City, NY. We are seeking a Operational Risk Management - Risk and Control Self-Assessment VP who will be responsible for administering and managing Operatio ...
-
Liquidity Risk Management
2 weeks ago
Mizuho Financial group New York, United StatesSUMMARY: · The Liquidity Risk Management function of Mizuho Americas provides oversight over liquidity and funding risks within the US Operations of Mizuho Financial Group. It is responsible for ensuring compliance with Enhanced Prudential Standards (EPS) liquidity requirements f ...
-
Clinical Risk Manager
2 weeks ago
Mount Sinai Medical Center New York, United States Full time· The Clinical Risk Manager in the Department of Risk Management is responsible for the day to day risk management activities at Mount Sinai Queens including investigating, managing, and analyzing risk management data; complying with risk management standards of the Joint Commis ...
-
Clinical Risk Manager
4 weeks ago
Tandym Group New York, United StatesAn established healthcare system in New York is actively seeking a Clinical Risk Manager to join their growing team · About the Opportunity · Location: Bronx · Specialty: Risk Management · Schedule: Full-time. Monday through Friday, standard business hours · Reporting to: the Di ...
VP- Technology Information Risk Management - New York, United States - Santander
Description
VP- Technology Information Risk Management
Country: United States of America
Functional Summary
Information Risk Management is a 2nd Line oversight function. At BSNY/SANCAP, the Information Risk Management (IRM) team engages in key projects and business/technology initiatives, works with the 1st and 3rd Lines to drive a business aligned, risk-based, cost-effective program designed for the confidentiality, integrity and availability of information, information systems (technology infrastructure, application systems and end-user technology) and information resources in support of business products and processes.
Mutual commitment and shared interests are critical to our success. We value motivated self-starters, diverse perspectives, integrity, adaptability and excellence. We seek capable, experienced, qualified and motivated individuals who seek to advance their own professional goals, by working with us to serve the best interests of our team, the firm and, our customers.
Position Summary
Santander is looking to hire an Information Risk Management VP to become a key member of our Information Risk Management team. We are looking for an experienced candidate with a solid Information Technology risk or audit background and experience in operational risk and managing information technology, information security or similarly complex programs in the Financial Services industry.
The candidate will be part of the 2nd line of defense Information Risk Management team responsible for managing risk frameworks and policy, and providing oversight, review and credible challenge of risk management activities. This role will report to the Head of Information Risk Management.
The individual will partner with key stakeholders across all lines of defense, all business lines and support functions, including IT, IS, Risk, Compliance, Legal, Audit, Human Resources and Finance, to support the identification, assessment, management and reporting of information risks. The individual will work in concert with the operational risk management team, including the vendor risk management and business continuity management teams, to ensure close coordination, integration, transparency and awareness of information risks across all risk management programs.
Primary Responsibilities
Santander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status or any other characteristic protected by law.
Working Conditions: Frequent Minimal physical effort such as sitting, standing and walking. Occasional moving and lifting equipment and furniture is required to support onsite and offsite meeting setup and teardown. Physically capable of lifting up to fifty pounds, able to bend, kneel, climb ladders.
Employer Rights: This job description does not list all of the job duties of the job. You may be asked by your supervisors or managers to perform other duties. You may be evaluated in part based upon your performance of the tasks listed in this job description. The employer has the right to revise this job description at any time. This job description is not a contract for employment and either you or the employer may terminate at any time for any reason.
For NYC Job Applicants: The base annual salary range for this position is $120,000-$160,000. The exact compensation may vary based on skills, experience, training, licensure and certifications and location.