Preloader Close
Finance, Technology

VP Technology Risk and Controls

HYBRID Plano, TX Tampa, FL Wilmington, DE

This team is responsible for assessing the bank’s technology platforms to identify potential security risks and ensuring that all platforms are ready and secure for adoption, implementing remediation measures as needed to maintain the highest level of cyber security and technology control.

This role will be performing testing around IT General and Application Controls which will require liaising with various stakeholders — including Technology Management, Technology Risk & Controls as well as external/internal auditors — to help facilitate execution and reporting across the global technology and technology risk functions. Successful execution of responsibilities requires IT Audit experience and the ability to multiple stakeholders at all levels (e.g., Product Owners, Engineers, etc.)

Job Responsibilities:

  • Assess and perform IT general control and application control testing; facilitate identification of findings, relevant compensating controls, remediation, validation, and closure of findings within defined timeframes
  • Lead the execution of multiple controls adoption readiness assessments performed by various members of the team
  • Evaluate the functionality of existing and new technology platforms to drive adherence to control standards
  • Track and communicate the overall progress of various programs, ensuring complete and timely reporting on program status to senior management stakeholders
  • Identify and facilitate remediation of key risks impacting controls audits prior to initiation of external audit
  • Work with internal and external stakeholders to understand and document various current-state control processes and process flows
  • Examine results of internal/external audits for potential cross-impacts on other programs
  • Promote development of educational guidance & resources for use by Technology Risk & Controls and Technology personnel
  • Ensure quality standards are achieved in the development and maintenance of program documentation

Required Qualifications, Capabilities, and Skills :

  • 7+ years of IT controls experience as a practitioner / lead with a “Big Four” or top IT consulting firm.  Manager level audit experience is required.
  • Hands-on experience in performing audits of IT general controls and testing (SOx / SOC 1 / SOC 2), including but limited to: IT infrastructure layers such as OS (Linux, Unix, Windows) and databases (Oracle, MySQL, etc.)
  • Hands-on experience with auditing:
    • Public/private Cloud technologies (Cloud Foundry, AWS, Azure, GCP, etc.)
    • Technology platforms (ServiceNow, Jenkins, SailPoint, etc
  • Strong capacity for interpreting architecture diagrams and understanding new technologies, both through workshops and independent research, in order to scope and identify areas of potential control bypass
  • Proficiency in information security domains, including policies and standards, risk and control assessments, access controls, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management, and data protection
  • Ability to identify and define key control risks and recommend solutions to increase the technology controls posture
  • Ability to simultaneously lead multiple on-going assessments across different groups of stakeholders
  • History of successfully leading teams and developing the skillsets of the individuals reporting into you
  • Good presentation skills. Strong organizational, verbal and written — including documentation and reporting — communication skills
  • Ability to lead meetings, problem solving to identify solutions to issues and deliver quality results in a deadline-driven environment .Ability to work effectively in a global team environment and drive results in a matrixed organization