IT Embedded Risk Manager (ERM)

IT Embedded Risk Manager (ERM)

Job Location's: Jersey City, NJ or Tampa, FL

Job Grade: Senior Associate

Supervision Exercised: ERM Senior Associate may have the opportunity to supervise junior resources as the team grows.

Must have:

• 3-5 years experience as a risk and control professional within a Big 4 accounting firm, financial service industry, or equivalent.
• Leading discussions with key stakeholders and staff to collect information requests.
• Experience conducting control testing, including issue remediation testing
• Familiarity with process mapping and control identification along with data collection and analytic skills
• Demonstrated ability to work pro-actively with all levels of management and staff
• Excellent inter-personal skills with a highly developed customer service orientation, and ability to work effectively with all levels of internal staff, and external contacts;
• Strong planning and project management skills;
• Strong process mapping and data collection and analysis skills
• BA / BS or equivalent. Advanced degree and/or certification a plus
• Supervision Exercised: ERM Senior Associate may have the opportunity to supervise junior resources as the team grows.

Department/Area Function:

DTCC s Information Technology (IT) Risk Management program is designed to identify, manage, measure and mitigate risks in all IT Capabilities.

• Maintaining and enhancing IT risk management framework. The framework is comprised of tools and processes to help DTCC:
• Identify new risks, changes in risk, or relationships between risks
• Monitor and escalate key matters of risk and control
• Support IT management in maintaining a complete and accurate Process, Risk, and Control library
• Formulating, disseminating and administering IT risk management policy and procedures;
• Providing risk and control consultation and evaluations of control effectiveness to support/ evidence management awareness of the effectiveness of the control environment (i.e., assist management in issue self-identification)
• Liaising with Technology Risk, Information Security, Technology Centers of Excellence and with other subject matter experts within the organization to ensure that risks and appropriate mitigants are identified and communicated throughout the organization.

Position Summary:

An IT PRC Senior Associate has primary responsibility of executing control testing, leading discussions, maintaining relationships with key stakeholders, and support targeted IT risk assessments (where applicable). The incumbent will execute and support day-to-day IT risk management activities (such as risk and controls assessments), manage deadlines and stakeholder expectations, and lead or participate in projects within assigned areas of responsibility. In carrying these responsibilities, the incumbent must work collaboratively with the Embedded Risk Management team, other risk & control functions, as well as with IT line management.

Principal Responsibilities:

Support efforts to identify and manage risk within IT SIFMU & Risk Delivery Department

Develop and strengthen relationships with IT partners and control evaluation functions across the 3 lines of defense

Develop, communicate and ensure adherence to department risk policies, procedures and best practices;

Demonstrate and embed the behaviors and competencies that create a risk management mindset in your organization; a=

Support, and eventually lead, risk management activities including review of policy and procedure documents for alignment with controls, incorporation of changes, etc

Become a central point of contact for risk and compliance items throughout the SIRI organization

Gathering, preparing, and reviewing inputs into reporting (e.g., risk treatment, risk profiles, inherent risk assessments)

IT ERM Senior Associate will be consistently responsible for facilitating the:

Tracking and escalation of compliance items included on the IT Risk & Control Report/ Dashboard

Issue and action closure facilitation including meeting coordination, evidence gathering and review, documentation preparation and review

Control evaluations performed by audit and/or management control testing functions as well as regulatory exams to gather, review, and prepare required evidence

Experience:

3-5 years experience as a risk and control professional within a Big 4 accounting firm, financial service industry, or equivalent.

Leading discussions with key stakeholders and staff to collect information requests.

Experience conducting control testing, including issue remediation testing

Familiarity with process mapping and control identification along with data collection and analytic skills

Knowledge and Skills Required:

Excellent analytical and problem-solving skills

Excellent verbal and written communication skills

Strong technology background

Demonstrated ability to work pro-actively with all levels of management and staff

Highly motivated, detail-oriented, self-starter, who can set priorities, take initiative and work both independently and proactively in a dynamic team environment;

Ability to work under pressure, multitask and be flexible;

Ability/willingness to meet aggressive deadlines and objectives;

Excellent inter-personal skills with a highly developed customer service orientation, and ability to work effectively with all levels of internal staff, and external contacts;

Strong planning and project management skills;

Strong process mapping and data collection and analysis skills

Education, Training &/or Certification:

BA / BS or equivalent. Advanced degree and/or certification a plus

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.