Director Of Governance, Risk, And Controls

Rockland Trust, Plymouth, MA 02361

Posted 7 months ago

Rockland Trust is currently seeking a Director of Governance, Risk, and Controls (GRC). As a member of the Information Security department, this position will be expected to be a thought leader in the maturation of a risk management program using a risk-based approach to generate the greatest value.

Primary responsibility will be to conduct various Application Risk Assessments (ARA) and Device Assessments, properly record those test results in our systems of record, and communicate the test results to the appropriate stakeholders. You will play an important role in engaging respective Application Specialists and Owners across business areas while assessing risk. Your support of the Application Risk and Infrastructure Control Assessment programs will require you to work with application and infrastructure teams to assess controls and evaluate proposed remediation plans for adherence to the controls. You will make recommendations, based on your experience, of how we can automate the way we perform assessments across the firm as we move towards Continuous Controls Monitoring (CCM) and as we apply other compliance automation tools. You may work on other regulatory and process risk assessment programs as well. Your assessment duties extend to all lines of business in the bank and will include continuously enhancing your knowledge on specific controls across a range of technologies, applications, processes, and infrastructure.

Responsibilities & Duties:

  • Assist with the bank's ongoing technology risk controls assessment programs, test and evaluate the evidence of the controls and identify any significant control deficiencies, work with the appropriate Application Specialists/Owners to identify and assess proposed remediation steps to adhere to those controls, and address other assessment findings where necessary.

  • Assist with other compliance and risk assessment programs, including participating in workshops to improve our ability to identify inherent risk and to adjust the descriptions of and approaches to properly obtain evidence of control effectiveness.

  • Manage individuals to meet expectations of supporting the program.

  • Establish relationships with all business lines to fulfill the bank's needs in the successful completion of risk assessments.

  • Test the evidence of the technical controls and document the tests in our assessment results systems of record.

  • Conduct Application Risk Assessments (ARA) to gather risk-specific information about technology applications.

  • Conduct initial interviews related to how controls are applied and assist with the identification and testing of controls. Perform testing of the evidence submitted to validate it proves control effectiveness.

  • Conduct Device Assessments to gather specific information across various infrastructure components (networks, storage, voice, etc.)

  • Work with technology teams to gather control design requirements and facilitate discussions to bring to closure identified control issues.

  • Advise Lines of Business (LOBs) of assessment results based on the testing performed and how those results align with the control standards for the organization.

  • Evaluate findings and communicate issues and best practices with the rest of the team and management.

  • Participate in crucial additional projects related to the overall enhancement of the assessment function.

  • Exhibit a continuous learning mindset for security education & awareness.


  • Bachelor's degree, preferably in Information Assurance, Computer Science or Information Technology or equivalent experience

  • Financial services industry, or previous history of successfully navigating a highly regulated and matrixed environment a plus.

  • 3-6 years of internal or external technology audit or risk assessment experience.

  • Have experience with audit and technology risk assessment processes and an understanding of internal controls and how they protect the firm and its clients.

  • Ability to effectively develop and communicate recommendations based on various technical compliance and control assessment results.

  • Detail-oriented with the ability to examine and evaluate processes, controls, and issues to determine risk areas.

  • Ability to eloquently describe and defend the process followed in performing assessments and evaluating results to stakeholders and management.

  • Can work independently and can collaborate comfortably in a matrix organization within a broader team.

  • Excellent verbal and written communication skills, including the ability to effectively participate in and sometimes lead discussions and meetings with internal management and other groups involved in technology control assessments.

  • Experience with Archer in the development and maintenance of managing data quality and integrity.

  • Basic project management skills.

  • Exposure to risk frameworks such as ISO, COBIT, and NIST.

  • CISSP, CRISC, CISA, CISM, or other industry-recognized risk and information assurance certifications preferred.

Our goal is to offer our colleagues the most generous benefits package possible. We strive to provide colleagues with a comprehensive benefits package and an environment that supports a healthy work-life balance. Benefits include: Competitive compensation with performance incentive awards, Health Insurance, Dental Insurance, a 401K and DC Plan for your retirement, LTD & Life Insurance, Day Care Reimbursement, Tuition Assistance for graduate and undergraduate programs, an award-winning Wellness program and much more!

At Rockland Trust you'll find a respectful and inclusive environment where everyone is given the chance to succeed. We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, disability status, protected veteran status, or any other characteristic protected by law.

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
