Senior Vice President, Technology Risk Management
BNY Mellon | |
remote work | |
United States, Pennsylvania, Pittsburgh | |
Oct 26, 2024 | |
The Bank of New York Mellon seeks a Senior Vice President, Technology Risk Management for its Pittsburgh, PA, location. DUTIES: Provide risk advisory on Business Services Framework (completeness, accuracy etc.), Business Continuity Planning (BCP), Disaster Recovery (DR), Incident & Crisis Management (ICM), Recovery plans, Strategies to the assigned coverage areas. Implement the Technology Risk Management framework, as it relates to resiliency, in line with enterprise standards and policies. Anticipate, communicate and address impacts from changes to the framework. Perform technology risk management on appropriate risk and control frameworks specific to each area or region, governance, policies, methods, standards, processes and reporting. Coordinate Location Concentration Risk coverage area and enforce a consistent global approach to location concentration risk management reporting and breach treatment. Responsible for maintaining Location Risk Matrix and is accountable for oversight and challenge of Line 1 resiliency related issues and ensuring Line of Businesses meet the Operational Resiliency Risk - Location and Business Function Risk Framework. Coordinate remediation activities for highly complex technology risk issues for the assigned business area, areas or regions. Enforce adherence to existing controls and compliance with laws and regulations and identify opportunities for control methodology revisions. Develop the strategy for interpreting and enforcing technology risk policies pertaining to the assigned area, areas, or regions. Develop organizational technology risk management frameworks and strategies and collaborate with other risk management leaders to prioritize global risks, identify areas to create business value, streamline technology development and identify areas where additional technology risk training is needed. Utilize experience with area or regional laws and regulations to manage existing and anticipated technology risks. Monitor industry leading practices for resiliency risk management to identify enhancements. Use relationships to drive compliance with the technology risk management framework and ensure implementation of all necessary technology risk management improvements and recommendations. Responsible for building a highly effective technology risk culture and establishing and communicating technology risk policies, procedures and guidelines. Remote work may be permitted within a commutable distance from the worksite. REQUIREMENTS: Bachelor's degree, or foreign equivalent, in Electrical Engineering, Electronic Engineering, Computer Engineering, or a related field, and ten (10) years of experience in the job offered or in a related occupation in the financial services industry. Ten (10) years of experience must include: Interpreting technology resiliency risk needs of assigned business area, using Risk and Control Self-Assessment concepts, security systems, and applications; Performing review of gap action closures, Risk Acceptances, and annual concurrences for the assigned business area; Evaluating Line of Businesses' compliance, by conducting resiliency review of Business Continuity plans, covering aspects of Business Impact Analysis, Work Transfer & 3rd Party resilience strategies, and corresponding BC test scripts and results; Analyzing and identifying trends in Business Continuity, Resiliency Risk, Operational Resiliency, Technology Resiliency, Third Party Governance, Disaster Recovery, Incident & Crisis Management, Information Security using technology/resiliency/Operational risk metrics; Assessing internal DR capabilities of business services for disruptions that impact the Data center facilities and core infrastructure components; and Providing oversight and challenge/subject matter expertise of overall resiliency risk management practices, including Business Continuity, Disaster Recovery, Technology Resiliency, Operational Resiliency, Incident & Crisis Management, Information Security, and Third-Party Governance, executed by the assigned Line of Business. Qualified applicants please apply online at https://bnymellon.eightfold.ai/careers and utilize reference code #58849. Please indicate "referral source - advertisement - WEB." |