222 Broadway, NY 10038
Technology: Equity, Sales, Research, Capital Markets (SRCM), Prime Brokerage (PB) Technology Risk and Control
WITHIN TECHNOLOGY: providing an independent assessment of risk and control for Senior Management. Working with line management to strengthen the control environment and improve control processes and providing an oversight responsibility across regulatory processes. Maintenance and development of control standards, and monitoring of compliance
Control design review & control effectiveness testing, managing relevant resolution and resiliency planning and embedding a risk awareness culture across the organization. Detailed investigation, analysis and presentation of operational risk events providing education of associates through presentations and workshops.
Designing and deploying independent monitoring and escalation functions across the organization, acting as a bridge between development teams and the Audit function.
Ensuring the control framework is linked as necessary to appropriate Laws, Rules and Regulations (LRR).
Equity, SRCM and PB Technology
Areas covered: Technology Policy and Process (SOX, RCSA etc), Quality Assurance, Internal Audit Reviews, External Reviews (Regulatory), Governance Key Risk Reporting, Issue and Risk Management, Program Deployment, Information Security, Application Lifecycle (Permit to Operate and Permit to Build) and Business Continuity
Specific Technology Risk and Control Functional Role and Deliverables
- Manage Equity, SRCM and PB Technology field of risk and associated remediation including Self-Identified, Audit and Regulatory raised issues.
- Provide data modeling and analysis to allow for visibility into the highest risk to the business
- Manage adherence to the GBAMT risk programs RCSA, SOX, Unified and Critical Applications with QA, Reporting and Governance.
- Manage requirements for application Business Continuity with robust planning and testing.
- Govern applications adherence to the banks policies and standards.
- Oversee compliance to the Global Information Security control programs, policies and standards for Global Technology and Operations
- Governance Key Risk Reporting on a monthly basis to Equity and SRCM Technology.
- Collaborating with the central GBAMT Risk and Control process/program owners create an environment of self-examination, to identify, escalate, debate, and remediate risk
The candidate MUST be proficient in all of the items below but not limited to:
- Ability to work with large datasets and perform data modelling and analysis primarily with some internal data management tools
- Exposure and understanding of Cyber Security
- Minimum Requirements: Advanced Excel, SharePoint Beginner - Intermediate
- Work daily with Application Teams and other technology support partners
- Review new technology risk items and normalize for application teams to remediate
- Self Starter and ability to work on multiple work items at once
- Understanding of target dates and escalation processes
- Make complex and/or unfamiliar technology concepts understood by target groups.
- Manage various GBAMT process and program and control partner requirements including participation to regular routines to ensure timely completion of objectives and process deliverables for technology risk and control.
- Manage the enhancement of the Equities, SRCM and PB Technology QA program working with GBAMT Risk and Control to perform more horizontal and deep dive self assessments. Review/approve the raising & remediation for audit issues (including self-identified)
- Assessing requirements and determining needed actions and final deliverables
- Manage the creation of technology risk items within the enterprise tools, providing review and input to ensure risk are captured at the correct level and contain the relevant information required by various control partners and management
- Providing guidance and coaching to application teams on the use of risk tools and processes
- Ensure processes are in place to remediate technology issues in a timely manner
- Provide input to Key Risk Reporting for technology
- Manage cross functional projects driving communication and coordination across multiple technology development and support teams within Equities, SRCM and PB Technology
Preferred: Microsoft Access, SharePoint Intermediate, any basic programming language
Understanding of the SDLC process a must
Strong communication skills Verbal and Written
Knowledge of the Financial Markets
- Exposure to Technology Risk (COSO/COBIT)
1st shift (United States of America)
Hours Per Week:
Learn more about this role