Risk & Compliance Platform Manager - 100% Remote As the
Risk & Compliance Platform Manager for the firm, your primary responsibilities will be to develop, optimize, and oversee the technologies used to manage our risks, including designing and enhancing our GRC platform's technical roadmap, and designing technologies that aid our Data Privacy Officer's mandate. The role reports to the VP of Compliance & Privacy as your business leader in various risk management strategies for the firm overall. You proactively engage stakeholders to understand internal and external needs, fulfilling requirements with a focus on enabling technologies that measure our internal compliance, privacy, and cyber reporting. This includes evolving and enhancing our GRC technologies, and rationally communicating our risk technology and implementation priorities.
Responsibilities - Evolve our compliance controls and create key performance indicators for the success of our governance
- Develop solutions to improve new and existing GRC systems and processes
- Design and implement effective processes that facilitate real-time visibility and enable more efficient engagement with audit partners
- Maintain technical and business skills and knowledge of market trends and competitive insights; collaborate and share with the risk owners across the business
Collaboration, Mentoring, and Communication - Acknowledged for driving decisions collaboratively, resolving conflicts and ensuring follow through with exceptional verbal and written communication skills
- Ability to orchestrate, lead, and influence virtual teams, ensuring successful maturation of processes and controls
- Presentation skills with a high degree of comfort with both large and small audiences (Senior Executives, IT management, Credit, Legal, Cyber, Facilities)
Requirements - 10+ years IT experience focused on cyber, BCP, compliance technologies
- 3+ years of exposure to privacy related tools to adhere to i CCPA or GDPR regulated business
- Relevant certifications in compliance, risk management, privacy, or cybersecurity are preferred that may include CISSP, ISSAP, ISSMP, CRISC, CISA, or CISM
- Experience working across functions that may include cyber risk, BCP, audit, credit risk, legal, and other business lines that are reliant on your platforms
- Experience successfully converting policies and compliance controls into automated monitoring via GRC platforms to adhere to leading standards such as PCI, HIPAA, HITRUST, NIST 800-53, and SSAE18
- Be an evangelist with stakeholders, partners, and project teams to ensure privacy by design and automated compliance are embedded in our new initiatives
Subject matter expertise in one or more of the following:
- IT systems that address Third party risk management, screening for sanctions, Know your customer (KYC), Politically exposed person (PEP), and other important considerations
- Internal risk assessments with recommendations for reduction of risks through technology investment
- Strong familiarity with the various US States Privacy Laws, such as CCPA, and those of GDPR in Europe and how those standards will influence IT designs
- Experience deploying and maintaining a leading GRC platform such as Diligent, Audit Board, Archer, Workiva, or others
- Experience with data protection techniques and tools