The Enterprise Risk Manager – Technology is responsible for leading a team that develops and coordinates the overall technology risk management framework for the company, performs assessments to identify and manage risks, and creates a sustainable technology risk program and related activities.
The Enterprise Risk Manager is also responsible for aggregating risk data for submission to management and various Committees. Additionally, the ERM Manager will lead a team in analyzing first line business and technology operations to support effective challenge of risk decisions and risk taking and escalating risk trends and issues where required.
In addition to extensive experience in technology risk management, the ideal candidate has broad knowledge of risk management and financial service disciplines, including experience in various technology and data roles, financial services regulatory experience, audit experience, business acumen, and intellectual curiosity to quickly learn the products in the Company’s portfolio.
The primary traits we are seeking in this role are someone who can (a) build relationships across the business, (b) solve problems/opportunities, and (c) communicate effectively with the executive team.
Responsibilities:
● Lead a team that supports, contributes to, and facilitates aspects of the company’s Enterprise Risk Management (ERM) program to effectively identify, assess and report on the company’s full range of enterprise and specific risks, and obtain engagement across the lines of defense to monitor progress on execution of the ERM operating model
● Set consistent standards for risk framework and policy requirements and conduct effective challenge of 1st Line risk frameworks
● Lead the technology risk program for the Company and provide guidance and requirements to intercompany technology partners to enable the achievement of APS’ technology and security risk objectives
● Provide effective 2nd Line challenge to risk owners, including third party technology providers (e.g., Apple Inc.’s IS&T department)
● Collaborate with the CRO to continue to develop the organization’s ERM program including executing the enterprise risk assessments and quarterly updates, updating the organization’s risk profile and key risk indicators to measure and monitor risks and threats to the organization’s strategic objectives and report to the executive leadership in quarterly meetings
● Develop a risk monitoring program utilizing information obtained from various sources including business areas for consolidated reporting to applicable risk and compliance committees
● Gain strong understanding of the organization’s regulatory commitments to maintain alignment between the ERM program and the operating model
● Lead skills development and performance management of ERM team personnel
● Lead and manage updates to and refinement of the enterprise risk dashboards used for reporting to senior management, the board of directors and the company’s prudential regulators
● Configure (sometimes complex) requirements for risk inventory layout, workflow, notifications, reporting, access control, etc.
● Support risk training and education regarding the enterprise risk framework working with other risk areas; assist with development and rollout of content
Minimum Bachelor’s degree. Concentration in Technology, Risk Management, Business, Finance, or a related field is a plus
7+ years of relevant experience in Risk Management, Technology Risk Management, or IT Audit
Risk management experience in a large organization requiring collaboration and partnership at all levels of personnel
Knowledge of compliance standards, privacy laws and financial regulations with a solid understanding of US technology and security requirements
Familiarity with risk frameworks and applicable risk governance regulations