International Banking Client
Office Status: Hybrid
- Perform Information Security and Technology Key Risk Officer duties including monitoring risk and providing oversight and credible challenge of the 1st line control environment.
- Develop and maintain Information Security and Technology policies and standards.
- Collaborate with the business to develop Key Risk and Key Performance Indicators covering Information Security and Information Technology.
- Conduct deep dives/risk assessments/gap analyses, identify opportunities for control enhancement and risk mitigation, and document findings.
- Track remediation plans on material risk events and issues to ensure control gaps are closed.
- Coordinate remediation efforts for risk and control issues and support issue closure or risk acceptances, as needed. Work with action owners to collect and evaluate appropriateness of evidence.
- Support key control committees and groups that govern Information Security and Technology risk.
- Gain a deep understanding of the business’ needs and identify opportunities to strengthen the control environment.
- Participate in the Risk and Control Self-Assessment program and review results conducted by the 1st line to assess whether the proper risks are identified and to verify the effectiveness of the control environment.
- Participate in various ORM Framework enhancement projects (ex. Internal Control Testing, Scenario Analysis).
- Raise awareness in the business lines of the importance of strong security and technology risk management practices and the need for effective controls.
- Prepare presentation materials for client’s leadership, business partners, and regulators.
- Remain current with Information Security and Technology trends and regulatory areas of focus.