Risk

• Establish themselves as the second line of defense subject matter expert on technology risk management
• Identify and assess technology risks ensure awareness and accountability for their management
• Design and execute independent testing and assurance of technical domains
• Participate in the independent and ongoing risk oversight of key technology components of the firm’s business and strategy initiatives
• Participate in evaluation of new products / Business changes / projects and assess related technology risks and impact to the technology risk profile
• Participate in the evaluation and management of risks related to third-party suppliers involved in technology projects
• Perform review and challenge of first line of defense risk management processes, data and outcomes (e.g. risk assessments, control evaluations, risk metrics, mitigation plans, risk acceptances etc.)
• Analyze IT risk data from various sources to identify and measure levels of risk, concentration, trends and patterns, drive automation, risk analytics & aggregation and risk visualization
• Support process for constructive engagement across the Lines of Defense regarding risk appetite, risk metric determination or evaluation, issue management and action plans
• Advise on remediation of regulatory findings, correction of any inconsistencies and monitor resolution
• Prepare information to enable governance committees / working groups in the management oversight of technology risks
• Initiate timely escalations to the Technology Risk leadership team
• Work across the lines of defense to recommend strategies that effectively treat risks within the risk appetite

Senior Associate, Technology Risk Management

Director, Cyber and Digital Risk Management