Senior Risk Manager- IT Resiliency Risk

Description

Role Overview

As a Senior Risk Manager in IT Resiliency Risk, you will be responsible for ensuring the robustness and continuity of IT systems and processes within the banking sector. Your role is crucial in maintaining Risk awareness about operational stability due to IT failures or cyber incidents.

Key Responsibilities

Risk Identification and Assessment:

• Conduct comprehensive risk assessments focused on IT resiliency.
• Identify potential points of failure in IT systems and processes.
• Develop and maintain a risk register for tracking and managing identified risks.

Resiliency Planning and Testing:

• Review and assess IT resiliency plans, including disaster recovery and business continuity plans.
• Conduct regular testing of RCSA with respect of resiliency plans to ensure effectiveness.

Governance and Compliance:

• Ensure compliance with regulatory requirements and industry standards (e.g., ISO 22301, NIST).
• Support 2 nd 3 rd LODs activities and reviews to ensure adherence to governance frameworks.

Incident Management:

• Conduct post-incident analysis to identify risk from resiliency perspectives and implement preventive measures.

Reporting and Communication:

• Prepare and present resiliency risk reports to senior management and the board.
• Foster a risk-aware culture within the organization through training and awareness programs.

Innovation and Continuous Improvement:

• Stay updated on the latest trends and advancements in IT resiliency.
• Identify opportunities for innovation in resiliency practices.
• Continuously improve resiliency processes and tools.
• Actively support automation in testing process.

Tools and Resources

• Resiliency Frameworks: ISO 22301, NIST SP 800-34, ANSI TIA, TOGAF 10
• Resiliency Tools: Disaster recovery solutions, business continuity management software, backup and recovery tools.
• Compliance Tools: GRC (Governance, Risk, and Compliance) platforms, audit management software.
• Incident Response Tools: Incident management platforms, forensic analysis tools.

Best Practices

• Regularly update resiliency plans to reflect changes in the IT environment.
• Foster collaboration between IT, security, and business units to ensure comprehensive resiliency management.
• Promote a culture of continuous improvement and innovation in resiliency practices.
• Engage in ongoing professional development to stay current with industry trends and best practices.

Qualifications

• 7+ years of experience in Information Technology, Information Security, Data Management, IT Service Management and Operations and/or IT Resilience
• 7+ years of Audit or Risk Management experience gained from working in financial services industry, preferably in Technology or Information Security.
• Strong business writing skills
• Ability to effectively communicate with all levels of the organization
• Project management skills to support multiple complex assignments
• Strong influencing and negotiating skills
• Proficient use of Microsoft Office Suite

Platform Specific Skills:

• Technical knowledge of various platforms (e.g., Cloud, Microsoft, Unix, Middleware. APPs) for resiliency perspective.
• Writing, Project Mgt, GRC Skills

Education:

• Bachelor's degree or equivalent experience required

Certifications Preferred:

• Certified Information Systems Auditor (CISA)
• Certified in Risk and Information Systems Control (CRISC)
• AWS / Azure Cloud Certifications
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)

Hours and Work Schedule: 3 days in the office, 2 remote

Hours per Week: 40

Work Schedule: 8:00am to 5:00pm

Monday through Friday

Some job boards have started using jobseeker-reported data to estimate salary ranges for roles. If you apply and qualify for this role, a recruiter will discuss accurate pay guidance.

Equal Employment Opportunity

At Citizens we value diversity, equity and inclusion, and treat everyone with respect and professionalism. Employment decisions are based solely on experience, performance, and ability. Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression (including transgender individuals who are transitioning, have transitioned, or are perceived to be transitioning to the gender with which they identify), genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague's or a dependent's reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws.

Equal Employment and Opportunity Employer

Citizens is a brand name of Citizens Bank, N.A. and each of its respective affiliates.

Background Check

Any offer of employment is conditioned upon the candidate successfully passing a background check, which may include initial credit, motor vehicle record, public record, prior employment verification, and criminal background checks. Results of the background check are individually reviewed based upon legal requirements imposed by our regulators and with consideration of the nature and gravity of the background history and the job offered. Any offer of employment will include further information.
<