Business Overview & Role Description:
The Cybersecurity and Technology Controls (CTC) organization is responsible for Firmwide cybersecurity, access management, controls and resiliency programs.
The Governance Risk & Control (GRC) organization within CTC is seeking an accomplished and seasoned individual to drive a robust risk and control environment for Global Identity & Access
Management (GIAM), ensuring technology solutions comply with Firmwide risk, controls and regulatory requirements.
The Technology Control Officer for GIAM will have a comprehensive understanding of the overall GIAM risk and control environment and instill appropriate governance to manage and proactively identify issues and changes in the risk profile of the underlying systems. The Technology Control Officer (TCO) will support the Application Development Managers (ADM)/ Application Owners (AO) in understanding the end-to-end risk posture of the applications and infrastructure to ensure appropriate controls are implemented for existing systems, new application development, and ongoing enhancements.
• Drive a risk mitigating culture within GIAM aligned to proactively identify, assess, and manage inherent risks within technology and services.
• Promote innovation within the technology control environment driving control optimization, process efficiency, and improved client experience.
• Strengthen the GIAM control environment through education, collaboration, and oversight.
• Drive effective risk mitigating controls designed, deployed, and monitored by the application owners, developers, and support teams.
• Develop an integrated technology control framework maintaining the appropriate balance between risk mitigation, product growth, and financial returns.
• Collaborate with Audit, Information Risk Management, business control functions, and the GIAM teams to drive transparent, measurable, and sustainable control improvements.
• Partner closely with business and technology stakeholders providing clear direction and guidance to manage risks, optimize returns, and enhance the client experience.
• Proactively work with technology and product managers to identify potential issues and ensure effective remediation.
• Provide leadership and advise on material remediation activities ensuring appropriate resolution of issues.
• Proactive engagement with other LOB Technology Control Officers and IAM Leads.
• Active engagement in risk assessments and control substantiation.
• Collaborate with ADMs/AOs on Internal Audits, SSAE16, SOX, and regulatory assessments.
• 10+ years of technology leadership experience.
• 5+ years of technology security, risk, and audit experience.
• Strong written and verbal communication skills.
• Strong ability to articulate ideas and results in a meaningful and actionable manner
• Flexible, adaptable to shifting priorities; eagerness to work in a fast-paced, results driven, highly dynamic environment
• Experience working with geographically dispersed and culturally diverse teams.
• Proficient with multiple technologies and architectural design principles.
• Proven ability to build strong partnerships with colleagues, desire to learn quickly, be flexible and think strategically
• Project management experience.
• Demonstrated analytical and problem solving skills.
• Experience in business process analysis, documenting gaps and process standardizations. .
• Experience identifying strategic improvements and delivering measurable change.
• Certifications such as CISSP, CISM, CRISC, CISA are preferred.
• Strong organizational skills with ability to effectively multitask.
• Strong interpersonal skills, exceptional relationship building and influencing skills and ability to effectively partner with all levels of management across numerous teams to help drive the control agenda
• Bachelor’s degree, specialized training, or equivalent work experience.