Director, Internal Risk Management
New York City, NY or Commack, Long Island, NY (Hybrid, 3 days a week onsite)
Full Time
Web Cam Interview
$250K/Yr + Bonus
Note:
- Candidates should have experience actually managing internal IT risk teams, not just 3rd party risk.
- This candidate will oversee all related IT risk including 3rd party risk, governance, security, internal policy and cyber.
- Candidates need to have experience in all, if not most, of these in banking. Candidates who are only third-party risk or security risk will not work. ***Banking is a must-have.
- Candidates must have extensive risk experience in banking. We need a RISK SME, not a manager with some risk experience in a project or two. ***Recent banking risk is required.
Requirements:
- We need a senior Director of Internal Risk, covering cybersecurity, hardware, software and systems.
- Candidates should have certifications.
- This director will oversee the risk involved in all new hardware, software and systems including
- Ensure compliance with all relevant cybersecurity, hardware, and software regulations (e.g., FFIEC, GLBA, SOX, GDPR).
Please provide all the details below with each submittal. This is required for the vendor management system.
- Number of years working with the skills below:
- Total IT experience:
- Years working with: Director, Internal Risk Management
- Years working with: Hardware & Software
- Years working with: Cybersecurity
- Years working with: Banking or Financial Services
Job Description:
- The Director of Internal Risk will lead the bank's internal risk management efforts, focusing on identifying, assessing, and mitigating risks related to cybersecurity, hardware, and software infrastructure.
- This role is crucial for ensuring the security and integrity of the bank's internal systems, safeguarding critical data, and ensuring regulatory compliance.
- The ideal candidate will have a deep understanding of financial systems, cyber threats, hardware vulnerabilities, and software risks, with experience in managing security protocols and developing risk mitigation strategies within a banking environment.
Key Responsibilities:
Risk Strategy & Leadership:
- Develop and implement a comprehensive internal risk management framework, focusing on cybersecurity, hardware, and software systems.
- Lead risk assessments and audits across the bank's IT infrastructure to identify vulnerabilities and threats.
- Collaborate with senior leadership to align risk management strategies with the bank's business objectives.
Cybersecurity Management:
- Oversee the development and execution of cybersecurity policies, standards, and procedures to protect against potential cyber threats, including data breaches, malware, and ransomware.
- Ensure real-time monitoring of network activity to detect and mitigate cyber threats and vulnerabilities.
- Collaborate with the IT team to maintain up-to-date security software and hardware configurations, ensuring the bank's systems meet industry best practices.
Hardware & Software Risk Management:
- Oversee risk management strategies related to hardware, including servers, network devices, and endpoints.
- Ensure the secure and compliant implementation of all software used within the bank, including internal applications, third-party integrations, and customer-facing systems.
- Collaborate with the procurement and IT teams to assess risks associated with new technology acquisitions and deployments.
Incident Response & Crisis Management:
- Lead the internal incident response team to address cybersecurity breaches, system failures, and other internal risks.
- Coordinate post-incident reviews to analyze the root cause and ensure the implementation of corrective actions.
Regulatory Compliance & Reporting:
- Ensure compliance with all relevant cybersecurity, hardware, and software regulations (e.g., FFIEC, GLBA, SOX, GDPR).
- Provide regular reports to senior management and regulatory bodies regarding the status of internal risk management programs.
- Stay updated on emerging regulations, trends, and technologies related to cybersecurity and IT risk management.
Team Leadership & Development:
- Build and lead a team of risk management professionals, providing guidance, training, and mentorship.
- Foster a culture of risk awareness and compliance across all departments within the bank.
Qualifications:
- Bachelor's degree in Information Security, Risk Management, Computer Science, or related field (Master's degree preferred).
- Minimum of 8-10 years of experience in risk management, cybersecurity, or IT security, preferably within the banking or financial services industry.
- Strong knowledge of financial systems, regulatory compliance, and risk assessment methodologies.
- Proficient in managing risks related to cybersecurity, hardware vulnerabilities, and software implementation.
- Certifications such as CISSP, CISM, CRISC, or CISA are highly desirable.
- Proven experience in developing and executing risk management frameworks.
- Strong leadership, communication, and project management skills.
Key Competencies:
- Expertise in cybersecurity frameworks and risk management practices.
- Strong analytical skills with the ability to identify and assess complex risks.
- Ability to work collaboratively with cross-functional teams.
- Excellent communication skills to articulate risks and solutions to technical and non-technical stakeholders.
- Leadership and decision-making skills with the ability to drive change in a complex organization.