Senior Cybersecurity Operational Risk Officer

Role Overview

• Evaluate risk and control identification within key processes and perform gap assessments on control coverage as well as first line of defense identification processes
• Collaborate with leaders to gain insights on operational performance, emerging risks and strategic initiatives while identifying opportunities for improvement.
• Evaluate and monitor projects, strategic initiatives, and new technologies to ensure alignment with risk tolerance and business goals.
• Review risks, controls and, conduct assessments to support effective oversight and compliance with risk management requirements.
• Oversee the technology portfolio, assessing projects and initiatives to ensure alignment with risk appetite and adequate mitigation strategies.
• Support and enhance the overall risk oversight framework by developing and updating oversight practices.
• Partner with various teams to influence the implementation of operational practices to mitigate risk within appetite.
• Provide expert advice on risk management practices, offering practical solutions to mitigate identified risks.
• Analyze and assess risks associated with new products or services including third parties.
• Assist with audits and regulatory examinations, ensuring through and timely responses to inquiries and findings.
• Foster positive relationships with business partners and senior management ensuring open communication on risk matters.
• Escalate and report any significant risk issues and facilitate appropriate corrective actions.
• Perform ongoing monitoring of emerging risks, industry and regulatory trends.

Requirements

• Bachelor’s degree in business, finance, technology, or economics or commensurate/relevant degree is required.
• Minimum of 5 years industry experience, within Operational Risk, Enterprise Risk, Technology Risk, Information Security Risk, External/Internal Audit or in the technology or information security lines of business.
• Outstanding active listening skills
• Demonstrated ability to work with internal and external auditors and regulators.
• Ability to think strategically coupled with the ability to drive to execution
• Ability to view risk holistically within a dynamic, fast paced team environment
• In-depth practical knowledge of internal controls, risk assessments and operational and compliance processes, and applicable techniques for implementation of compliance and legal requirements and operational processes.
• Familiarity with Microsoft Office tools such as Excel, Teams, and the proven ability to learn how to use other unique technologies.
• Capable of conducting in depth testing of systems, processes and controls
• Manage workflows and task assignment to ensure timely completion of work
• Have an execution oriented, process efficiency and continuous improvement mindset
• Possessing intellectual curiosity and a passion for seeking to understand
• Proven ability to have, maintain, and establish strong contacts within the industry so as to be aware of current industry issues and practices.
• Applicable certifications such as: ISACA: CISA, CRISC, CET, CGEIT, CISM ISC2: CISSP, CCSP, SSCP Cloud Security Alliance Certs: CCAK Cloud Provider-Specific Certifications

Tech Stack

• Cloud

Benefits

• eligibility for incentive compensation which may include production, commission, and/or discretionary incentives
• flexible options in circumstances where roles can be performed effectively in a mobile environment