- Experience level: Mid-senior
- Experience required: 10 Years
- Education level: Bachelor's degree
- Job function: Information Technology
- Industry: Financial Services
- Pay rate: $65 per hour
- Total position: 1
- Relocation assistance: No
- Visa sponsorship eligibility: No
This role is CTH!
The Embedded Risk Specialist role (ERM)
- A first line of defense (FLOD), which consists of the businesses and functional units, including Product Management, Operations Management, IT and other areas critical to daily operation and functioning.
- Partner and liaise with the DTCC Control Groups Business FLODs with regard to identifying and assessing inherent risk, control effectiveness and residual risk
- Explore opportunities to improve the effectiveness of controls while also exploring ways to simplify our processes without increasing residual risk
- Responsible for monitoring and managing risk, liaising with various entities for audits, and supporting control testing efforts.
- Provides guidance to SIFMU and RISK Delivery with submission of self-identified findings, responding to and complying with DTCC Audit findings.
About this Opportunity
This position is a technical ERM role responsible for providing technical SME support for the ERM and application development teams in SIFMU and Risk for technical company-wide initiatives.
ERM Function
- Management to achieve business priorities.
- Coordinate domain response to various control functions and Product Management to support the division
- Provide governance and process support for the division while helping to ensure adherence to internal development processes
- Teamwork: partners with other Embedded Risk Managers to identify best practices and monitors adherence to standard processes
- Documentation: coordinates process reviews for internal and external audits, Compliance, Risk Management & Technology assessments using the Process Risks and Controls (PRC) Framework
- Partners with control functions to support audits & assessments; coordinates Management Self-Identified (MSI) issues and manages the Issue Management process for the domain
- Performs Management Testing to assess control effectiveness and documents results
- Reviews standards, policies and procedures and performs rationalization per compliance guidelines. Supports the development and maintenance of system-level documentation
- Performs sustainability assessments; assesses adherence to regulatory, business & compliance requirements and to the Process Risk and Control framework; and identifies solutions to resolve control gaps to support our risk attitude
- Manages process adherence within the division and helps to lead department initiative budget reporting
Management Function Technical and ERM
- The successful candidate must be able to understand the technical interactions of an IT infrastructure, including concepts associated with networks, cloud hosting, virtual environments, data management, etc.
- Facilitate technical exchanges with stakeholders to discuss, quantify and capture program risks
- Apply sound judgment in facilitation and evaluation of IT risks and mitigation strategies
- Think independently and strategically about potential downstream mission impacts
- Respectfully yet effectively challenge the identification and acceptance of risks to ensure concepts are well thought out and logically documented
- Perform gap assessments of proposed risk mitigation strategies and influence customers towards holistic remediation strategies that address the root-cause issue(s)
- Translate technical jargon into simple-to-consume concepts for varied stakeholders' understanding.
- Perform as a key Technical Advisor for articulating the portfolio of IT Risks and relay challenges to ERMs, Applications development teams and senior decision makers.
Qualifications
- Bachelor's Degree or industry equivalent work experience
- Minimum 5 years of experience in IT risk management and/or IT audit required
- Broad understanding of Application Security
- Understands / Knowledgeable in the following:
  - PEN and FOSS vulnerabilities
  - WAS
  - Service Accounts Password rotation
  - Oracle, AWS, Java, Spring Boot, Jenkins, Python
  - Unix, Linux, Tomcat, Liberty
- Clear communicator with good verbal and written communication skills
- Ability to influence without authority
- Ability to communicate technical concepts to a broad range of technical and nontechnical staff
- Must be able to demonstrate strong technical leadership.
- Continuous proactivity and follow-through
- Ability to prioritize and focus on most urgent tasks & work in a fast-paced IT environment.
- Comfortable working closely with team management to review approaches and requirements that solve business problems.
- Experience with governance, risk and compliance projects and program oversight
- Knowledgeable in Agile Development with Scrum Master (or similar) experience
- Ability to balance risks in ambiguous and complex situations
- Demonstrated teamwork and collaboration skills in leading or contributing to global and multifunctional teams
- Highly motivated to contribute and grow within a complex area of emerging importance
- Demonstrates excellent organizational direction, time management, problem-solving, prioritization, goal setting, leadership, motivation, negotiation and interpersonal relations
- Works well under pressure and within time/budget constraints to solve problems or meet objectives
- Strong analytical/problem-solving skills and cross-functional knowledge across multiple IT operational and security disciplines
- Possess a high degree of integrity, be trustworthy and have the ability to lead and inspire change
- Experienced in status reporting to management.