Senior Managing Director – Information Risk Management

Senior Managing Director – Information Risk Management

Requirements

• Bachelor’s degree in related field required.
• 15+ years of experience in Risk or Audit functions in a banking environment.
• 10 years of experience in leadership and IT project management.
• Managing and Synthesis of complex and potentially conflicting data into simple, actionable reporting.
• Strong familiarity with technology, and an aptitude for learning emerging technologies and how regulatory requirements may evolve.
• Strong written and verbal communication skills – ability to collaborate and communicate up/down and across the organization with internal/external partners.
• Ability to plainly describe risk concepts to first line operational personnel.
• Ability to resolve conflicting opinions without compromising high quality risk management.

Responsibilities

• Implement and execute the Enterprise Risk Management framework for Webster Technology.
• Establish necessary policies and associated standards for Information Technology Risk. Collaborate with the CISO for Information Security and Business Continuity policies.
• Oversees all regulatory exams in Webster Technology. Ensure process owners maintain appropriate documentation such that Webster Technology is always exam ready.
• Manage all policy exceptions and risk acceptances within the risk governance framework, ensuring appropriateness and periodic review.
• Lead the development of integrated and automated Webster Technology risk reporting processes to enable firm-wide aggregation of material risks, issues, KRIs and other data as may be required. Report on a regular basis through appropriate committees.
• Lead the identification of material risks associated with Webster Technology activities in collaboration with IT, and the establishment of necessary operating procedures and technical standards to mitigate these risks and comply with policies and standards.
• Manages and educates process owner education on control design, self-assessment processes, control testing, and identifying KPIs and KRIs.
• Maintains overall Webster Technology process taxonomy. Leads the integration with the central GRC platform.
• Leads the organization to adapt risk and audit processes and practices to align to an agile operating model.
• Influences and partners in defining enterprise-wide risk appetite for appropriate risk types.
• Single point of escalation to the second line for non-compliance to policies and standards. Monitor the status of issues owned by Webster Technology to ensure timely resolution.
• In partnership with legal and compliance, monitor for new legal requirements and communicate across Webster Technology as required. Monitor progress toward implementation.
• In collaboration with the second line, monitor for new regulatory guidance associated with Webster Technology activities.
• Collaborate with enterprise risk management and legal to document management responses to regulatory exam findings.

Preferred Qualifications

• CISA or CISSP desired.