Sr. Specialist, Technology Control Sr. Specialist, Technology Control …

BNY Mellon
à New York, NY, États-Unis
CDI, Plein-temps
Soyez parmi les premiers à postuler
Competitive
BNY Mellon
à New York, NY, États-Unis
CDI, Plein-temps
Soyez parmi les premiers à postuler
Competitive
Sr. Specialist, Technology Control
BNY Mellon Data and Analytics Solutions is a public- and private-cloud-based software and content offering that builds client-centric data, technology, and content capabilities. Operating with the skill and agility of a fintech, Data and Analytics Solutions combines the expertise and resources of the Eagle product suite, Intermediary Analytics, and other BNY Mellon technology and data assets. Moreover, the division further extends BNY Mellon's Asset Servicing capabilities in securities and cash into the world's most important asset class, data. Data and Analytics Solutions helps firms to analyze their data from different vantage points and transform it into actions that can achieve higher alpha and cheaper beta, with lower costs and less risk. Offering an ecosystem of proprietary and third-party business applications, Data and Analytics Solutions helps firms manage their core investment processes and beyond. The Risk and Privacy Analyst is a member of the Data & Analytics Solutions ("D&A") Risk & Privacy team. The team is responsible for 1st line risk oversight of the D&A line of business. The team's mission is to enhance the overall governance, risk and compliance ("GRC") program, ensuring that a risk framework is properly implemented, maintained and communicated, that appropriate controls are adequately designed and deployed, and effectively operated, and that the D&A risk profile is monitored and reported to risk stakeholders. The role holder also supports the local data privacy network and acts as a subject matter expert on privacy in the context of the D&A business. The position requires a solid understanding of the principles of risk management, controls design, implementation, monitoring and testing, with a preferred emphasis on SOC1 and SOC2, and industry standards such as those provided by NIST and the Cloud Security Alliance. The candidate should also possess excellent collaborative and problem-solving skills and an ability to explain risk concepts clearly and concisely to teams and individuals across various business and technology functions. Key Activities/Responsibilities Assist in the ongoing implementation and continuous improvement of a risk assessment program Drive the review and assessment of all relevant enterprise policies, standards, and procedures, identifying those relevant to the line of business and extracting and translating discrete requirements Contribute to the design and delivery of the risk management communications, training and awareness program Support the transition to continuous control monitoring, testing and measurement Manage and maintain documentation library for all risk-related processes and procedures Maintain regular, manual risk reporting for stakeholders; support the transition to self-service reporting Assist with internal and external audits, client assessments and responding to RFPs Responsible for the execution of Risk Framework practices. Uses in-depth knowledge of information technology, risk and control frameworks, risk and control theory and practice, and controls implementation and assessment to determine potential risks to the organization. Manages analysis and draws conclusions in order to recommend and direct any resulting change needed to mitigate risk. Responsible for implementing risk framework and identifying, analyzing, monitoring, reporting, and minimizing information technology risks. Consult and advise on all technology risk matters. Supports related risk programs: audit response, regulatory inquiry and response, etc. Manages complex projects that involve working with the businesses to improve controls to mitigate any deficiencies. Strong written and verbal communication. Communications and organization skills; team work skills. Ability to work independently or with a team. Experience in the securities or financial services industry is a plus. CISA, CISSP or CRISC and ISACA certifications preferred. N/A. Contributes to the achievement of area objectives. Qualifications Bachelor's degree or equivalent combination of education and work experience required. 7-10 years of total work experience preferred. Must have: A solid understanding of Public Cloud fundamentals, certifications are a plus Basic understanding and awareness of Cloud DevOps environments, a.k.a. Continuous Integration (CI)/Continuous Deployment (CD) pipeline Desirable: Experience working in and using Public Cloud environments Competence in the use of Atlassian Confluence and JIRA platforms Previous experience working in control monitoring and testing automation Familiarity with industry standard DevOps tools and techniques Core Capabilities Strong analytical, organizational, and project management skills Strong oral and written communication skills and problem-solving skills Ability to communicate compliance requirements to personnel at all levels of experience and responsibility A results-oriented self-starter that has the ability to work in a fast paced, dynamic environment, often with minimal direction Attention to detail and priority/time management BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer. Minorities/Females/Individuals With Disabilities/Protected Veterans. Our ambition is to build the best global team - one that is representative and inclusive of the diverse talent, clients and communities we work with and serve - and to empower our team to do their best work. We support wellbeing and a balanced life, and offer a range of family-friendly, inclusive employment policies and employee forums. Primary Location: United States-Massachusetts-Wellesley Internal Jobcode: 96428 Job: Information Technology Organization: Architecture And Data-HR16450 Requisition Number: 2111935
BNY  Mellon logo
Offres similaires
Plus d'offres
Close
Loading...
Loading...