Overview Responsible for overseeing the identification, evaluation, and mitigation of technical risks across the Digital's systems, products and infrastructure. Plays a critical part in ensuring that technology-related risks are adequately managed, compliant with regulatory requirements, and aligned with the organization's overall risk management strategy. Manages professionals and/or leaders and is accountable for the performance and results of a team. Decisions are guided by policies, resources and business plan. Develop, manage and guide execution of operational initiatives to achieve tactical objectives. The Manager will work closely with ETS, Security, and other stakeholders to foster a collaborative approach to help reduce risk to Navy Federal and increase our security posture. This role demands the ability to lead by influence, build strong cross functional partnerships, and drive the organization toward a secure, resilient, and compliant technical environment. Responsibilities
- Support Digital Risk Officer with the development and execution of the organization's technical risk governance strategy, ensuring alignment with overall business objectives and security priorities
- Identify and assess technical risks associated with systems, products, applications, networks, and infrastructure
- Act as a trusted advisor to help business teams implement best practices in risk mitigation and remediation
- Conduct regular risk assessments to identify, monitor, and manage risks associated with the use, ownership, operation, involvement, influence, and development / adoption of technology within an enterprise
- Conduct risk assessments and reviews of external partners, ensuring compliance with contractual and regulatory requirements
- Oversee assessment, and prioritization of deficiencies across systems, applications, and infrastructure, and lead the development of effective remediation strategies in collaboration with technical teams
- Work with Digital product teams to analyze emerging technologies and their associated risks
- Collaborate with business and technical teams to ensure that security, compliance, and risk mitigation are seamlessly embedded in transformation strategies
- Work with cybersecurity, ETS and Digital Engineering teams to address vulnerabilities and improve overall security posture
- Develop and implement risk mitigation strategies to reduce the impact of technical risks on the organization
- Design and deploy Digital controls, processes, and procedures to manage identified risks
- Ensure that technical systems adhere to industry best practices and regulatory standards (e.g., ISO, NIST, GDPR)
- Develop and maintain technical risk management policies, procedures, and frameworks
- Ensure compliance with internal policies and external regulations (e.g., data privacy, cybersecurity laws)
- Collaborate with legal, compliance, and internal audit teams to ensure alignment on technical risk issues
- Lead and coordinate the response to technical incidents and breaches, including root cause analysis and remediation efforts
- Collaborate with cross-functional teams including IT, operations, compliance, and business units to communicate risks and provide guidance on mitigation strategies
- Present technical risk reports to senior management and board members, highlighting key risk areas and proposed actions
- Establish processes for continuous monitoring of key technical risks
- Produce regular risk reports, dashboards, and metrics to provide visibility into the organization's technical risk landscape
- Stay up-to-date with the latest industry trends, regulations, and best practices to continuously improve the risk management function
- Evaluate and manage risks associated with third-party vendors and service providers
- Lead and mentor a team of technical risk analysts
- Provide ongoing training and development opportunities to ensure the team is up-to-date on the latest risk management practices and technologies
Qualifications
- College/university degree and 5-7 years work experience; 1 - 3 years of management experience
- Proven experience working with cross functional teams in a fast-paced, technology-driven environment
- Experience in technical risk management, IT security, or related roles
- Broad knowledge of risk management frameworks (e.g., ISO 31000, NIST Cybersecurity Framework)
- Broad knowledge of security technologies (e.g., firewalls, intrusion detection systems, encryption)
- Excellent problem-solving, analytical, and decision-making skills
- Excellent communication skills with the ability to present complex technical information to non-technical stakeholders
- Broad knowledge of Risk management
- Broad knowledge of Cybersecurity risk
- Broad knowledge of interworking's of IT systems and network architecture
- Compliance and regulatory understanding
- Incident and Problem Management experience
- Experience with technical auditing and assessments
- Demonstrated leadership and team management experience
- Ability to guide, influence and persuade others, primarily internally
Desired Qualifications
- Banking/financial industry standards and practices
- Knowledge of NFCU products, services, programs, policies, and procedures
- Certification in appropriate area: PMP, ITIL, SAFe5, etc.
- Certified Information Systems Security Professional (CISSP)
- Certified in Risk and Information Systems Control (CRISC)
Hours: Monday - Friday, 8:00AM - 4:30PM Locations: 820 Follin Lane, Vienna, VA 22180 About Us Navy Federal provides much more than a job. We provide a meaningful career experience, including a culture that is energized, engaged and committed; and fierce appreciation for our teams, who are rewarded with highly competitive pay and generous benefits and perks.
* Best Companies for Latinos to Work for 2024
* Computerworld Best Places to Work in IT
* Forbes 2024 America's Best Large Employers
* Forbes 2023 The Best Employers for New Grads
*
Fortune Best Workplaces for Millennials 2023
*
Fortune Best Workplaces for Women 2023
*
Fortune 100 Best Companies to Work For 2024
* Military Times 2023 Best for Vets Employers
* Newsweek Most Loved Workplaces
* Ripplematch Campus Forward Award - Excellence in Early Career Hiring
* Yello and WayUp Top 100 Internship Programs
From
Fortune. 2024
Fortune Media IP Limited. All rights reserved. Used under license.
Fortune and
Fortune Media IP Limited are not affiliated with, and do not endorse products or services of, Navy Federal Credit Union.
Equal Employment Opportunity: Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability EOE/AA/M/F/Veteran/Disability
Hybrid Workplace: Navy Federal Credit Union is a hybrid workplace, and details will be discussed during your interview process.
Disclaimers: Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position. Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team's discretion based on qualified applicant volume. Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position
Bank Secrecy Act: Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.
|