"Alerted.org

The position is described below. If you want to apply, click the Apply Now button at the top or bottom of this page. After you click Apply Now and complete your application, you'll be invited to create a profile, which will let you see your application status and any communications. If you already have a profile with us, you can log in to check status.

Need Help? (https://pp-cdn.phenompeople.com/CareerConnectResources/prod/TBJTBFUS/documents/Career\_site\_FAQ-1758133253710.pdf)

_If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to_ Accessibility ([email protected]?subject=Accommodation%20request)

_(accommodation requests only; other inquiries won't receive a response)._

Regular or Temporary:

Regular

**Language Fluency:** English (Required)

Work Shift:

1st shift (United States of America)

Please review the following job description:

Individual contributor within Truist’s Second Line of Defense (LoD2) Information Risk organization, responsible for executing key risk programs including: RCSA, risk assessments, risk identification, and effective challenge. This role serves as the LoD2 risk representative for Technology, Cyber Security, and Data, advancing the maturity of Truist’s risk programs across these domains. The position focuses on enhancing risk governance, methodology, reporting, and overall program execution to ensure alignment with regulatory expectations and Truist’s risk appetite. Responsibilities include providing oversight and effective challenge of first-line risk and control activities while driving consistent, well governed risk practices across the enterprise.

***For this opportunity, Truist** **will not** **sponsor an applicant for work visa status or employment authorization, nor will we offer any immigration-related support for this position. This includes, but is not limited to:

+ **H-1B,**

+ **F-1 OPT**

+ **F-1 STEM OPT**

+ **F-1 CPT**

+ **J-1**

+ **TN-1**

+ **TN-2**

+ **E-3**

+ **O-1**

+ **Future sponsorship for U.S. lawful permanent residence status**

LOCATION:

Please note that candidate must be located in *or* willing to self-relocate to one of the following locations:

+ **Charlotte, NC**

+ **Richmond, VA**

+ **Atlanta, GA**

Truist 'in office' requirement is **5 days** per week. No full remote or relocation assistance available at this time.

Individual contributor within Truist’s Second Line of Defense (LoD2) Information Risk organization, responsible for executing key risk programs including: RCSA, risk assessments, risk identification, and effective challenge. This role serves as the LoD2 risk representative for Technology, Cyber Security, and Data, advancing the maturity of Truist’s risk programs across these domains. The position focuses on enhancing risk governance, methodology, reporting, and overall program execution to ensure alignment with regulatory expectations and Truist’s risk appetite. Responsibilities include providing oversight and effective challenge of first-line risk and control activities while driving consistent, well governed risk practices across the enterprise.

ESSENTIAL DUTIES AND RESPONSIBILITIES

Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

1. Provide independent risk oversight (i.e. second line of defense/LOD2) for Truist Technology and related consult to Truist Business Units through the effective identification, mitigation, monitoring and reporting of operational, technology, and compliance related risks within Enterprise Technology.

2. Communicate and drive the Technology Risk Framework and associated Risk Program Office activities in alignment with Truist corporate risk framework and enterprise risk reduction activities.

3. Provide independent assessment and oversight of the maturity of technology and adequacy of technology controls to achieve business outcomes for performance, stability, security and service availability.

4. Strengthen and sustain proactive risk culture through leadership and influence with teammates and business partners and through conducting effective risk focused management and partnership routines.

5. Review and attest to/challenge adequacy of risk assessments of Technology produced by first-line-of-defense Business Unit Risk Management and other risk partners.

6. Ensure effectiveness and structure in regulatory engagement practices, including responses out of Enterprise Technology.

7. Develop and maintain effective channels of communication with Enterprise Technology partners, other risk and control functions, Business Unit (BU) management, as well as regulatory agencies.

8. Drive improved risk measurement and performance monitoring for all Technology Risk domains and Enterprise Technology teams and leverage to monitor and challenge Truist Technology Risk appetite.

9. Recruit, develop and retain high-performing teammates. Develop the knowledge, skills and abilities of teammates directly & indirectly.

Required Qualifications:

The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

1. **Bachelor's Degree** or an equivalent combination of education and experience.

2. **12+ years of banking, technology, operations or risk management experience.**

3. Strong business knowledge, management experience, problem solving and decision-making skills.

4. Excellent interpersonal and communication skills demonstrating the ability to establish credibility with all levels of management effectively.

5. Adept with Microsoft Office products.

Preferred Qualifications:

1. Proven experience with standard 2LOD risk oversight programs including: RCSA, risk assessment, risk identification and effective challenge execution and oversight within a financial services setting.

2. Familiarity with financial services technology-related laws, rules, regulations, and risk management standards (e.g., Federal Financial Institutions Examination Council (FFIEC), Control Objectives for Information and Related Technology (COBIT), Information Technology Infrastructure Library (ITIL)).

3. Familiarity with risk measurement approaches including development of Key Risk Indicators and thresholds and associated reporting and analytics tools (e.g. Tableau, RSA Archer).

4. Demonstrated knowledge in technology risk taxonomy, specifically Cyber & Data.

**General Description of Available Benefits for Eligible Employees of Truist Financial Corporation:** All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist’s generous benefit plans, please visit our Benefits site (https://benefits.truist.com/)

. Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.

_Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace._

EEO is the Law (https://www.eeoc.gov/sites/default/files/2022-10/EEOC\_KnowYourRights\_screen\_reader\_10\_20.pdf)

E-Verify (https://pp-cdn.phenompeople.com/CareerConnectResources/prod/TBJTBFUS/documents/E-Verify\_Participation\_Poster-1757074518541.pdf)

IER Right to Work (https://pp-cdn.phenompeople.com/CareerConnectResources/prod/TBJTBFUS/documents/IER\_RightToWorkPoster-1757074222028.pdf)