Sr Director Technology Risk Management
Job Overview
Job title: Sr Director Technology Risk Management
Company: Yoh
Job description: Search on behalf of client: position must sit onsite either in Boston or Toronto
The Senior Director, Technology Risk Management (TRM), will assist the VP, Global Technology Risk Management & GWAM IRO in planning and delivering a comprehensive TRM strategy and framework across Client, and in monitoring and reporting on the company's information risk profile. The Senior Director will work collaboratively with the Global Information Services and Divisions to identify and evaluate technology risks across the enterprise, and will provide TRM expertise, advice and counsel on emerging risks and the technology risk impact of major change initiatives, process improvements and transformational projects. The Director will consult with management and decision makers on the efficiency and effectiveness of the control environment to identify gaps and recommend enhancements to reduce Client's exposure to technology risks.
This position will focus on delivering the second line responsibilities for the following TRM areas: IT Asset risk management, IT Change risk management, Data risk management, and Technology Operations and resiliency. These second line responsibilities include providing deep subject matter expertise to develop, maintain and advise on TRM-related policies, standards, related frameworks and guidelines.
Responsibilities:
- Provide deep subject matter expertise in Technology Risk Management (TRM) areas of focus such as IT asset risk management, IT change risk management, Data risk management, and technology operations and resiliency.
- Develop and update the IT Asset risk management, IT Change risk management, Data risk management, Technology operations and resiliency related policies and standards, framework and guidelines.
- Define and maintain the IT Asset risk management, IT Change risk management, Data risk management, Technology operations and resiliency key and non-key controls.
- Develop and maintain the Information Risk Management Risk Assessment methodology and framework, ensuring alignment with industry best practices and the Manulife target state.
- Manage the implementation of the global TRM strategy, methodology and framework across Client.
- Lead the IT Asset risk management, IT Change risk management, Data risk management, Technology operations and resiliency Global/Enterprise technology risk and control assessments to identify key risks and gaps, and to facilitate the development and tracking of management action plans as required.
- Facilitate the development and maintenance of the information risk appetite (and associated thresholds) for Global Information Services and Divisions in conjunction with Business Unit partners and Operational Risk Management
- Provide technology risk expertise to Global Information Services and Divisions when needed to improve risk-based decision-making:
  - Identify key technology risk exposures across the enterprise
  - Identify and recommend key controls for key technology risks
  - Recommend mitigation strategies
- Participate in the investigation of material technology risk loss events (and related incidents) to assess for potential systemic weaknesses and ensure appropriate corrective action is taken
- Support the development and maintenance of information risk profiles and risk dashboards for Global Information Services and Divisions aligned with enterprise and operational risk reporting; and identify and report on Key Risk Indicators and supporting metrics to support risk reporting
- As a change agent, help lead the behavioral and cultural embedding of TRM across Manulife
- Provide expertise to Global Information Services and Divisions around emerging technology risk topics by carrying out research and reaching out to external sources; and serve as champion for TRM domain best practices
- Provide an integrated view of information risk exposures across the enterprise by collaborating with GIRM COE Leads, Global and Divisional Information Services teams, Global Privacy and Compliance, Operational Risk Management and Audit Services
Knowledge/Skills/Competencies/Education:
- 15 years progressive experience in Technology Risk Management
- Deep practical expertise in IT Asset Risk Management, Data Risk Management, IT Change Risk Management, IT program execution risk, and Technology operations
- Performed technology risk and control assessments across multi-jurisdictional locations
- Experience with developing and maintaining risk appetite statements and thresholds preferred
- Participated in identifying and reporting on key risk indicators (and supporting metrics) using risk dashboards
- Previous Professional Consulting experience
- Experience in implementing a global information risk and control register
- Previous 2nd Line of Defense experience
- University Degree
- Related professional designation (CA, ITAM, CRISC, PRM, CISSP, CISA, GDPR, etc.) required.
- Demonstrated leadership experience and ability to effectively lead cross-functional teams.
- Excellent communication skills (oral and written) including presentation skills and demonstrated ability to present at all organizational levels
- Innovative problem solving skills with the proven ability to exercise flexibility and judgment in assessing business issues and risks in a dynamic environment
- Strong interpersonal skills, including demonstrated ability in applying sensitivity and professionalism when communicating across geographical and cultural boundaries
- Strong influence and negotiation skills; ability to achieve consensus in a decentralized/federated environment
- Results oriented with the ability to work independently and as part of a team, managing multiple priorities within tight deadlines
- Flexibility to accommodate global project schedules, which may include off-hours conference calls and domestic and international travel that may be required
Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Visit https://www.yoh.com/applicants-with-disabilities to contact us if you are an individual with a disability and require accommodation in the application process.
Category: Finance, Keywords: Risk Management Director, Full-Time
Expected salary:
Location: Boston, MA – Toronto, ON
Job date: Tue, 30 Mar 2021 05:30:05 GMT