-
Director of Technology and Security Risk Oversight
- Fifth Third Bank, NA (Cincinnati, OH)
-
Make banking a Fifth Third better®
We connect great people to great opportunities. Are you ready to take the next step? Discover a career in banking at Fifth Third Bank.
Job Description Summary
Provides risk oversight and credible challenge of Information Technology and Information Security including risk assessment and metrics monitoring.
GENERAL FUNCTION:.
Director Tech and Security Risk Oversight plays in integral role in ensuring information technology, information security and cyber risks are managed within the Bancorp’s risk appetite. Responsible for independent risk oversight of the Information Technology and Information Security division and it’s execution of risk management programs and governance.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
+ Enhance and Mature the Bank's cyber security, technology, and information risk frameworks and assessment methodologies to ensure its alignment with the industry best practice and the regulatory compliance requirements.
+ Keep up to date the regulatory requirements related to the Banking sector including GLBA, PCI, FFIEC, Interagency Guidelines Establishing Information Security Standards, and other related state/federal cyber/information security regulations.
+ Collaborate with stakeholders to more fully develop and articulate the Bank's risk management framework including clarifying roles and responsibilities of three lines of defense and developing and implementing an approach to manage risk within the Bank's risk appetite.
+ Enhance the Bank's capabilities to evaluate, monitor, and respond to key enterprise risks associated with cyber security and information technology.
+ Partner with leaders in Operational Risk, Compliance, Privacy, , Legal, Information Security, IT, and Business Controls support, to ensure execution and improve effectiveness of risk management activities.
+ Represent Fifth Third Bank in industry working groups related information security and cyber security (e.g., FS-ISAC).
+ Challenge 1st line-of-defense risk analysis for cyber security, technology, information risk and privacy topics.
+ Be a key player in driving the maturity of the Bank's information risk and control assessment and monitoring practice.
+ Monitor and verify compliance with enterprise level policy, risk framework and methodology.
+ Effective challenge activities and decisions made by Lines of Business and support areas that materially affect the institution's risk profile.
+ As a second-line of defense, monitor and report aggregate view of technology, information security and cyber residual risk across the organization (to include analysis of risk exposure and consequences including breaches to risk appetite).
+ Alerting operational management to emerging issues, changes to risk appetite, and changing regulatory and risk scenarios (e.g., cyber, privacy, data protection, fraud, resiliency, attack vectors, etc.)
+ Contribute constructively to the overall mission, management, and culture of the Risk Group and the Bank and actively support the Bank's diversity agenda.
+ Effectively communicate technology development, delivery and operations risk and information security risk in business terms.
SUPERVISORY RESPONSIBILITIES:
None
MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:
+ Bachelor's degree, advanced degree, or equivalent work experience.
+ Minimum 5 years experience leading, executing, and governing cyber/information risk and IT assessment programs or related experience.
+ Minimum 5 years experience in managing Risk, strong experience in banking, law, payment processing, and/or financial services regulatory compliance.
+ Relevant Professional certifications, including but not limited to: CISA, CISM, CRISC, CISSP or equivalent are strongly desired.
+ Strong working knowledge of relevant assessment frameworks and/or standards (e.g., ISO/27000 Series, NIST, ISO, COBIT, COSO, PCI, , is preferred.
+ Strong understanding of financial services regulations including GLBA, OCC, and Interagency guidelines establishing information security standards, and other state/Federal confidentiality, privacy, and breach notification laws.
+ Ability to Communicate effectively with senior/Executive management, business leaders, IT, information security, audit, compliance, privacy, and attorneys within the organization.
+ Ability to challenge and promote the adherence to corporate policy goals and frameworks while building working relationships with other 2nd Line of Defense organizations including Compliance, Operational Risk, Legal, IT, Audit, Fraud, etc.
+ Experience in managing Change effectively while maintaining a focus on standard or business-as-usual activities.
+ Strong organizational, project management, and multi-tasking skills with a successful track record of managing expectations, delivering results, and meeting milestones and deadlines.
#LI-GM1
Director of Technology and Security Risk Oversight
LOCATION -- Cincinnati, Ohio 45202
Fifth Third Bank, National Association is proud to have an engaged and inclusive culture and to promote and ensure equal employment opportunity in all employment decisions regardless of race, color, gender, national origin, religion, age, disability, sexual orientation, gender identity, military status, veteran status or any other legally protected status.
-
Recent Searches
- Oracle Fusion HCM Functional (Massachusetts)
- DoD SkillBridge Material Processes (United States)
- hr skills senior analyst (United States)
Recent Jobs
-
Director of Technology and Security Risk Oversight
- Fifth Third Bank, NA (Cincinnati, OH)
-
Software Development Engineer II, AWS DynamoDB, Transactions
- Amazon (Seattle, WA)
-
Substation Physical Engineer
- Leidos (Walled Lake, MI)
-
Senior Associate, Data Scientist - Commercial Bank
- Capital One (Mclean, VA)