Technology Risk Lead

Bank Of America Corporation New York , NY 10007

Posted 2 months ago

Job Description:

Provide analytical support in executing internal control discipline and operational excellence within a LOB/ECF. Gather and organize data in order to monitor and test the effectiveness of key controls and status of mitigation and action plans. Prepare documentation for the tracking, monitoring, and escalation of risk related issues to management. Acts as an ambassador of the risk culture. Incumbents typically have over 5+ years of risk management and/or LOB/ECF experience. May manage staff.


  • Partner with key Technology Managers to monitor and manage various risk programs across the firm

  • Proactively manage risk metrics focus on "at risk" or "exceeding threshold risks" work with technology management to address root causes and remediate as required

  • Support technology teams in supporting firm-wide risk programs (e.g. delivering requested artifacts, verify completeness / accuracy)

  • Partner with technology teams in the execution of Risk Control Self Assessments (RCSA)

  • Identify root causes of reported risks and partner to design remediation plans

  • Coordination with Technology Management in monitoring the execution, collection and completion of SOX control activities Partner with Technology Management and internal audit to identify and report self-identified audit issues

  • Provide support to Technology Management on all phases of audit activities and ensure active engagement with technology management to meet audit objectives. In addition, assist management in the validation of preliminary audit issues and the creation of remediation plans

  • Partner with Technology Management in the execution of quality assurance programs ensure completeness of data and identify and monitor required remediation activities

  • As necessary, acts as a liaison for the department, maintaining effective and professional relationships with key business stakeholders, internal and external auditors, regulators, and others dealt with in a professional capacity.


  • Excellent written and verbal communication skills including Senior management or executive level presentation material development experience

  • Excellent inter-personal, negotiation and influencing skills

  • Strong problem solving and analytical skills

  • Excellent MS-Office skills (including PowerPoint (for presentations) and Excel ( for manipulating large amounts of data)

  • Excellent organizational skills, coupled with ability to be versatile and flexible


  • 7-10 years Technology Audit or Technology Risk experience

  • Proven track record of communicating and presenting to C-level management

  • Strongly prefer experience with FX Trading Technology applications

  • Experience in the execution of Technology Risk Assessments, Audits and SOX 404 and 302 testing

  • Solid understanding of a risk control framework (i.e., inherent risks, control procedures, residual risk, etc.)

  • Ability to identify relevant key risk indicators to measure risk exposures (metrics reporting)

  • Ability to work collaboratively by building consensus and influencing decision making to foster forward progress with projects and initiatives.

  • Strong ability to analyze data to identify thematic issues / areas requiring improvement

  • Persistency, poise and perseverance to get things accomplished under pressure and within the set timelines

  • Interest and track record of ensuring accuracy, clarity and quality of work with attention to detail

  • Deputize for senior managers in various governance forums and committees in both technology and business at a FICC level

  • Understanding and knowledge of NFRR and transaction reporting compliance including industry regulations

  • Understanding of Global records management principles and their implications to the business

  • Detailed knowledge of SDLC and application governance

  • Ability to identify and validate operational losses and the parties impacted and responsible

  • Detailed understanding of Information security and the programs and disciplines that are encompassed in that.

  • Understanding of business continuity and recovery practices and ability to partner and challenge where needed

  • Gravitas to be able to challenge and debate in senior forums on risks and issues identified

  • Understanding of the business controls and compliance functions and the partnership required to be effective.

  • Sound business judgment and the ability to work successfully with all levels of management

  • Demonstrated ability to work independently and within a team

  • Commercial awareness of Bank and its license to operate


Nice to have:


Posting Date: 08/14/2019

Location: New York, NY, BANK OF AMERICA TOWER, ONE BRYANT PARK, - United States

Travel: No

Full / Part-time: Full time

Hours Per Week: 40

Shift: 1st shift

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Director Of Technology Risk Strategy

American Express

Posted 7 days ago

VIEW JOBS 9/11/2019 12:00:00 AM 2019-12-10T00:00 Why American Express? There's a difference between having a job and making a difference. American Express has been making a difference in people's lives for over 160 years, backing them in moments big and small, granting access, tools, and resources to take on their biggest challenges and reap the greatest rewards. We've also made a difference in the lives of our people, providing a culture of learning and collaboration, and helping them with what they need to succeed and thrive. We have their backs as they grow their skills, conquer new challenges, or even take time to spend with their family or community. And when they're ready to take on a new career path, we're right there with them, giving them the guidance and momentum into the best future they envision. Because we believe that the best way to back our customers is to back our people. The powerful backing of American Express. Don't make a difference without it. Don't live life without it. The American Express IT Risk and Information Security organization is currently hiring a Director of Technology Risk Strategy reporting to Vice President of IT Risk Management and Services. This position will be responsible for leading strategic initiatives that support the mission and vision of Technology and ensuring day-to-day activities support organizations goals. Responsibilities Include: * Ownership and governance of the following strategic initiatives: refining strategy, maintaining alignment between outcomes and evolving business strategy, and actively directing execution to deliver promised outcomes and value. * IT Risk and Control Catalog -- including buildout, refinement, and ongoing maintenance of control content against regulations and industry frameworks, in partnership with Information Security and IT subject matter experts. * Threat Catalog and Quantification Index -- including maintenance of dynamic threat data, in partnership with Cyber threat Intelligence, to capture emerging threats and evolving control environment. * Technology Risk Calculator -- including further development of calculation model, integrations, and capabilities. * Risk Treatment policy – including developing the protocols, tooling, and governance processes for risk mitigation and acceptance. * Continuous Controls Monitoring (CCM) and Testing – including governance and program management of CCM and testing of IS and IT controls. Partnering with Cyber Analytics team to buildout and leverage platforms to enable CCM and automated control testing. * Risk Management Tooling * Product ownership of Technology Risk Management tools, responsible for ongoing support and maintenance of tools and utilities and additional development of capabilities. * Driving strategy and roadmap for tooling to support Technology Risk functions and strategic initiatives. * IT Risk & Control Analytics * Partnering with control owners develop and execute strategy for analytics capabilities of IT Risk domains (IT Risk comprises all the non-cybersecurity risk domains of Technology). * Partner with Cyber Analytics * Risk Assessment Strategy * Provide expertise and leadership in relevant risk committees as appropriate on behalf of IT Risk and Information Security * Produce meaningful risk metrics that are consumable by multiple levels in the organization including IS & IT management, Enterprise Risk Management, Executive Management and auditor and regulator Required Work Experience, Education, Certification / Training: * Bachelor's degree * 12-15 years or more of work experience in risk management, information security, compliance, and/or audit * Experienced people leader with demonstrated ability to recruit and retain high performing talent in support of organizational strategy and objectives * Preferred: certifications in information security, audit or risk management are preferred, e.g. CISSP, CRISC, CISA Required Knowledge, Skills and Abilities: * Thorough knowledge of IT processes and controls and a deep understanding of risk and control frameworks e.g. NIST, ISO, CIS Critical Security Controls * Demonstrated ability to quickly pick up new functional and technical areas and provide oversight and direction * Strong analytical skills and thinking, data-driven acumen, proficiency in analysis of risk management data, and knowledge of analytic methods * Good understanding of the organization's goals, objectives, and key cyber threats and risks to those objectives * Knowledge of applicable information security standards and regulatory requirements * Proficiency in technology risk management and information security * Outstanding written and oral communication skills, and ability to adeptly bridge the gap between technical and business context. * Strong interpersonal skills and ability to collaborate effectively * Highly self-motivated and directed, and keen attention to detail Employment eligibility to work with American Express in the U.S. is required as the company will not pursue visa sponsorship for these positions. American Express New York NY

Technology Risk Lead

Bank Of America Corporation