Tech Risk and Controls LeadJob Description
Join our dynamic team to navigateplex risk landscapes and fortify technologyernance, making a pivotal impact in our firm's robust risk strategy.
As a Tech Risk & Controls Lead in the Cyber Security Tech Controls (CTC) team, aligned with the Corporate Investment Banking division, you will be an integral part of a cyber risk management function. You will cover technology teams and applications that support various business units within the firm, including sales, trading, operations, risk and research.
You will contribute to the successful identification and management of technology-aligned aspects ofernance, Risk, andpliance (GRC) in line with the firm's standards. Leveraging your broad knowledge in risk management principles and technical experience, you will identify, assess, and monitor risks and the implementation of effective controls. Your role in risk identification, control evaluation, and securityernance is crucial in advising onplex situations and enhancing the firm's risk posture. Through a deep technical aptitude, collaboration and analytical skills, you will contribute to the overall success of the Technology Risk & Services team and ensurepliance with regulatory obligations and industry standards.
Job responsibilities
1. Assess risk, Monitoring & Reporting: Assess, monitor & report technology risks, ensuringpliance with firm standards, regulatory requirements, and industry best practices.
2. Implement controls: Support the implementation of effective controls in collaboration with cross-functional teams and stakeholders.
3. Evaluate controls: Evaluate the effectiveness of existing controls, identify gaps, and rmend improvements to mitigate risks and enhance the firm's risk posture.
4. Analyze/Mitigate: Analyzeplex situations, provide advice on risk management strategies, and support the implementation of risk mitigation measures.
5. Document andmunicate: Document and articulate risks appropriately; raise issues and action plans as appropriate in partnership with application teams.
6. Identify threats: Work closely with application teams to identify attack and threat vectors through threat modelling.
Required qualifications, capabilities, and skills
7. Formal experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on risk identification, assessments, controls testing, and mitigation.
8. Experience in risk identification, assessment, and control evaluation, with a strong understanding of industry standards.
9. Demonstrated ability to analyseplex issues, develop and implement risk mitigation strategies, andmunicate effectively with senior stakeholders.
10. Proficient knowledge of risk management frameworks, regulations, and industry best practices.
11. Good understanding of Software Development Life Cycle (SDLC) pipelines, CI/CD, application resiliency and security, IAM, Data Protection and vulnerability management.
12. Technical ability to gather andbine data from disparate sources to build a cohesive view on risk.
13. Ability to develop and maintain robust relationships bing a trusted partner with LOB technologists to progress toward shared goals.
14. Awareness of key risks in the financial services sector, particularly pertaining to on premise and/or public cloud hosted infrastructure & applications.
15. Enthusiasm for enabling the business to create newernance and controls.
Preferred qualifications, capabilities, and skills
16. CISM, CRISC, CISSP, or other industry-recognized risk certifications.
17. Software / Security engineering background in any modern programming languages and Cloud experience (ideally Amazon Web Services).
18. Ability to think outside the box and proven experience in eliminating toil and crafting efficient processes.
About Us
Morgan is a global leader in financial services, providing strategic advice and products to the world's most prominent corporations,ernments, wealthy individuals and institutional investors. Our first-class business in a first-class way approach to serving clients drives everything we do. We strive to build trusted, long-term partnerships to help our clients achieve their business objectives.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at ourpany. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable amodations for applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Visit our FAQs for more information about requesting an amodation.
About the Team
Our professionals in our Corporate Functions cover a diverse range of areas from finance and risk to human resources and marketing. Our corporate teams are an essential part of ourpany, ensuring that we're setting our businesses, clients, customers and employees up for success. Job ID 300069453428765