Issue Management Risk & Control Role

Issue Management Risk & Control Role
Job Location: Dallas, TX
Duration: Full time

Job Description General Aspects

• Safety and Soundness is part of the Personal Banking and Wealth Management Technology Engineering Risk & Controls and Transformation organization. Safety and Soundness (S&S) provides services and products to technology ensuring the oversight and execution of application security and technology governance, risk and compliance. As a member of S&S, you will be an integral member of the Engineering Risk & Controls and Transformation organization. S&S collaborates with other technology, risk and controls, and business leaders to identify and propose solutions that ensure strict adherence to Client policies, standards, and regulatory commitments.
• This position will work closely with technical and application development teams on a day-to-day basis. This position will be required to work collaboratively with development teams to assist with code and application design to ensure security standards are being met consistently.

Responsibilities:

• Client Identification and documentation, root cause analysis, remediation planning, status monitoring and reporting, and closure activities. These activities will be conducted in close partnership with the Business Issue Owners.
• Client Identifying the Business Owner for an issue and engaging key stakeholders from Compliance, Legal, Government and Regulatory Affairs, Finance, CBORC Management, and other relevant support functions as appropriate throughout the issues management process.
• Client Facilitating the initial and ongoing communication, escalation, and resolution process through standardized communication routines and tools.
• Client Assessing and recommending issue severity to drive expectations on resolution activities and timeliness.
• Client providing insight and consultative support to the Business Issue Owner on remediation approaches, timelines, and compensating controls.
• Client Informing and supporting the Business Issue Owner through the managing of project plan and deliverables to ensure issues are resolved and remediated within control limits in the expected timeframes.
• Client Implementing issues data quality and reporting standards in accordance with the NA Issue Management Procedures to ensure that all relevant information, including issue definitions, root cause, remediation, and financial impacts, is captured accurately and is understandable to broader audiences.
• Client Supporting additional oversight and validation routines required by functions such as Internal Audit and Compliance
• Client Ensuring that all relevant issues are tracked in appropriate systems of record
• Client Driving a holistic view of the issue to ensure impacts to other lines of business or functions are identified
• Client Working with the business partners to develop a culture that fosters self-identification of business issues
• Client Experience with engineering secure application systems, application security architecture, version control, automated code testing, database, data de-identification / tokenization, cloud containerization, APIs, application threat modeling, encryption, secure application development, application controls, open-source software, and best practices for application security
• Client Identify and track remediations for code and configuration vulnerabilities, ensuring that security fixes are applied on a timely basis
• Client Analyze application security controls to identify gaps, mitigating/compensating controls, and recommend/implement appropriate means to mitigate security risks
• Client Participate throughout all phases of the system development life cycle process to ensure that security requirements are being met
• Client provide the subject matter expertise and advocate for the security controls needed for designing and enhancing application systems
• Client Partner with Client Technology Infrastructure (CTI) to evaluate and recommend new products and technologies to address current and emerging IS risks affecting supported business (es).
• Client Communicate progress, anticipate bottlenecks, provide escalation management, identify, assess, track and mitigate issues/risks at multiple levels. Recognize discordant views and take part in constructive dialog to resolve them.
• Client appropriately assesses risk when business decisions are made, demonstrating consideration for the firm's reputation and safeguarding Client group, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behaviour, conduct and business practices, and escalating, managing and reporting control issues with transparency.

High level skills.

• Project/Program Mgmt. skills at the advanced/Senior level
• Experience with Enterprise GRC or worked within a Risk and Governance space before
• Audit Experience or Exposure (not a mandate, but nice to have)
• Experience either within a FI OR experience working within an agile development space and familiarity with its ceremonies and idiosyncrasies.
• At LEAST 6-10 years' experience for this role. Senior level experience.