Risk

• Serve as second line of defense subject matter expert for cybersecurity and technology risks across operating entities
• Develop and maintain Information Security Risk oversight program to identify, assess, mitigate, manage, monitor and report technology risk
• Perform planned or ad-hoc technical risk reviews and challenge, review Technology or Business initiatives
• Oversee ongoing monitoring, formal review and challenge activities, targeted risk reviews, and technology policy and standard assurance
• Participate in governance committees and working groups (Operational Risk Committee, Technology Executive Working Group, Information Security & Data Management Committee, Architectural Review Board, AI Enablement Working Group)
• Initiate timely escalations to Sr. Director, Cyber & Digital Risk and leadership team
• Contribute to updating or developing policies and frameworks for safe adoption of technologies
• Implement and sustain independent risk oversight of cloud operating platform and vendor software development activities
• Participate in independent oversight of digital transformation initiatives and evaluate new products/projects for information risks
• Participate in evaluation and management of cybersecurity risks related to third-party suppliers
• Advise on remediation of regulatory findings and monitor resolution
• Perform review and challenge of first line risk management processes, data and outcomes and communicate risk opinions
• Analyze risk data to identify levels of risk, concentration, trends and patterns
• Provide second line leadership during response to major technology or cyber incidents and coordinate second line engagement

Director, Cyber and Digital Risk Management

Senior Associate, Technology Risk Management