Director Non Fin Risk Oversight - Technology & Security
Johnston, Rhode Island; Boston, Massachusetts
Req. Number: 225059
Full/Part Time: F
Shift: 1st Shift
As the Technology and Security Risk Oversight Director, you will lead a team of risk professionals providing independent oversight, review, and challenge of information security and technology related risks across the organization. This leader will advise first line risk partners on complex risk issues and challenges, while identifying and aggregating enterprise-wide risks. The colleague will work with key stakeholders across the organization to ensure material risks within the technology and security space are well defined and managed appropriately. It is expected that this colleague has strong domain knowledge of emerging technology risks, information security standards, best practices, US regulatory requirements, and the external environment.
- This colleague will lead a team of risk professionals focused on the information security and technology space. Primary responsibilities include independent oversight, review, and challenge of risk management activities within the first line of defense, including the effectiveness of the formal risk program activities. These activities include Risk and Control Self-Assessments, Issues Management, Material Risk Identification, Change Management, and other formal programs. Drive accountability within the first line of defense to ensure a strong Risk and Compliance culture and control environment awareness.
- Advise first line risk partners on complex risk issues and challenges, while identifying and assessing aggregate enterprise-wide risks. Working with key stakeholders, including all three lines of defense, escalate emerging risk issues that require remediation and work directly with stakeholders to ensure action plans are appropriate and timely. Maintains strong relationships with all three lines of defense, as well as the regulatory agencies.
- Understand the external environment, including emerging risks within the industry and the priorities of the regulatory agencies. Determine how these changes affect the risk profile of the enterprise and work with appropriate stakeholders to ensure mitigation strategies are underway.
- Participate in the incident response activities to ensure risks are properly assessed in real time and mitigating actions are appropriate. Post incident, lead or participate in root cause analysis and opine on next steps.
- Lead targeted risk assessments on emerging issues to provide an independent opinion on the impact to the enterprise.
- As the first line of defense develops new business strategies and executes new business initiatives, ensure change risk is appropriately management and assess the impact of these activities against how the risk profile of the enterprise is changing.
- Operate within existing governance structures with an eye towards making these processes more efficient and effective. Manage applicable policy and program governance, while performing assurance activities to assess corporate wide compliance.
- The role may be co-located as needed with the relevant business and must be actively engaged to support the business with providing domain-relevant advice, monitoring, and credible expert challenge to ensure the independent Non-Financial Risk Program is effectively implemented.
- 8+ years experience risk management experience from working in financial services industry.
- 8+ years demonstrated domain expertise and experience within the relevant product or services.
- Experience in an organization that is under strong regulatory oversight and scrutiny.
- Proven ability to develop and maintain high impact relationships with senior executives.
- Expert knowledge of internal controls and risk assessment.
- Deep understanding of banking products and operations; regulatory requirements; and key processes, controls, and exposure areas.
- Decisiveness and sound judgment on a consistent basis.
- Capacity to challenge status quo.
- Influencing and conflict resolution skills.
- Excellent business writing skills.
- Proven leadership and management skills in a professional environment.
- Proficient use of MS Word, MS Excel and PowerPoint and Visio.
Education, Certifications/Other Professional Credentials:
- Bachelor’s degree Required
- Master’s Degree Preferred
- Certifications Preferred: Certified Internal Auditor, Certified Regulatory Compliance Manager, Certified Fraud Examiner, Certified Public Accountant, Certified Investments Derivative Auditor, Project Management Professional, Certified in Risk and Information System Controls, or other relevant risk certifications
Hours and Work Schedule:
- Hours per Week: 40
- Work Schedule: Monday-Friday
- Location: Johnston RI or Boston MA
We offer competitive pay, comprehensive medical, dental and vision coverage, retirement benefits, maternity/paternity leave, flexible work arrangements, education reimbursement, wellness programs and more.View Benefits
Citizens, its parent, subsidiaries, and related companies provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability or perceived disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague’s or a dependent’s reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws.
Equal Employment and Opportunity Employer/Disabled/Veteran
Citizens is a brand name of Citizens Bank, N.A. and each of its respective affiliates.
Citizens is committed to ensuring that all interested candidates can successfully participate in our recruitment process. If you are an individual with a disability or require a reasonable accommodation, please see our Job Seeker Help policy.