Risk IT Administration Manager - IT Architecture and Transformation Risk Specialist
- Employer
- Regions Bank
- Location
- Hoover, Alabama
- Salary
- Open
- Posted
- Dec 04, 2023
- Closes
- Jan 04, 2024
Thank you for your interest in a career at Regions. At Regions, we believe associates deserve more than just a job. We believe in offering performance-driven individuals a place where they can build a career --- a place to expect more opportunities. If you are focused on results, dedicated to quality, strength and integrity, and possess the drive to succeed, then we are your employer of choice.
Regions is dedicated to taking appropriate steps to safeguard and protect private and personally identifiable information you submit. The information that you submit will be collected and reviewed by associates, consultants, and vendors of Regions in order to evaluate your qualifications and experience for job opportunities and will not be used for marketing purposes, sold, or shared outside of Regions unless required by law. Such information will be stored in accordance with regulatory requirements and in conjunction with Regions' Retention Schedule for a minimum of three years. You may review, modify, or update your information by visiting and logging into the careers section of the system.
Job Description:
At Regions, the Risk Information Technology (RIT) Administration Manager is a senior member of the Innovation and IT Risk Management organization and performs activities consistent with the second line of defense. This position will influence enterprise innovation and set strategy and vision for management of enterprise IT risk. Additionally, this position will oversee a team of IT risk professionals responsible for enterprise IT risk identification, measurement, mitigation, monitoring, and reporting activities in accordance with the enterprise strategy and IT risk appetite.
Primary Responsibilities
- Oversees a team of IT risk professionals conducting IT project risk assessments and reviews, third-party/vendor IT risk reviews, targeted IT risk assessments, and other project reviews as identified across all aspects of Information Technology, including application development, cyber security, enterprise architecture, business continuity and disaster recovery, and change management
- Manages the development and evolution of standardized IT risk policies and procedures
- Develops Enterprise IT Risk Appetite Statements and supporting metrics and conducts challenges of the first-line risk profile in accordance with approved statements
- Remains abreast of innovative business and technology trends in IT security, risk, and controls, and advises leadership when appropriate
- Develops and manages executive stakeholder relationships, ensuring IT risk personnel are embedded in strategic business units
- Oversees IT risk scanning program to identify applicable regulatory or emerging risks from industry changes or releases to regulatory guidance and requirements
- Manages targeted reviews of internal risk and control assessments on current and/or emerging IT risks
- Develops and oversees program to track and report on Key Risk Indicators (KRI's) for IT
- Uses subject matter expertise to provide independent challenge of Business Units' processes for identification and assessment of IT risks and controls by performing activities such as process-level walkthroughs, control testing, etc.
- Develops and manages reporting to effectively communicate key risks, findings, and recommendations for improvement and discussion of results with key stakeholders and relevant committees including reporting to the Board of Directors
- Provides regular coaching and development of IT Risk Associates on occasion
- Collaborates with management team in the development of goals and objectives
- Assists with internal team audits, ensuring satisfactory performance
- Collaborates with senior analysts, ensuring goals and objectives are attainable and clearly communicated
This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.
Requirements
- Bachelor's degree in related field
- Eight (8) years of experience in IT, system development, and information security
- Advanced understanding of risk management functions, including IT audit, cyber security, and compliance
Preferences
- Certified Information Systems Auditor (CISA)
- Certified Information Systems Security Professional (CISSP)
- Certified in Risk and Information Systems Control (CRISC)
- Experience in a financial institution
Skills and Competencies
- Ability to learn additional systems as needed
- Ability to research, analyze data, and derive facts
- Ability to supervise and manage a team
- Ability to work under pressure and meet deadlines
- Proficiency in Microsoft Office (Excel, Word, PowerPoint, Outlook, etc.)
- Strong verbal, written communication, and organizational skills
- Strong work ethic and self-motivation
- Serves as subject matter expert; provides advisory and consulting services to business, IT, and other risk management areas
- Builds and maintains trusted advisor relationships with influential business and technical decision makers, ensuring proper engagement in strategic initiatives and projects
- Evaluates IT strategies, roadmaps, policies, standards, controls, patterns, etc. for business, technology, and risk management alignment with bank strategies and priorities
- Evaluates the design and modeling of tactical architectures for delivery, development, and support of projects
- Ensures systems and applications are implemented with controls to meet regulatory requirements (GLBA, SOX, HIPAA, FFIEC, etc.) as well as other organizational compliance (PCI) requirements
- Advises and challenges management in the development and evolution of standardized IT risk policies, standards, controls, procedures, patterns, etc.
- Conducts process-level walkthroughs, process and technical diagraming, control testing, design reviews, etc.
- Develops and mentors team members
Preferred Requirements
- Experience of N-tier architectures and complex design architectures
- Experience with technical, application, and information architecture delivery techniques and methodologies
- Experience with Agile methods
- Architecture Certification (TOGAF, SABSA, Zachman, etc.)
- Vendor-specific Cloud Solution Architect or Security certification (AWS, Azure)
Additional Desired Skills and Competencies
- Ability to evaluate design patterns for alignment with business and technology strategies
- Awareness and ability to document designs using internal and external notational standards (Business Process Model and Notation {BPMN}, Unified Modeling Language {UML})
- Thorough understanding of risks associated with virtualization and cloud-based computing and the impact of those technologies on an organization, including security posture
Position Type
Full timeBenefits Information
Regions offers a benefits package that is flexible, comprehensive and recognizes that "one size does not fit all" for benefits-eligible associates. Listed below is a synopsis of the benefits offered by Regions for informational purposes, which is not intended to be a complete summary of plan terms and conditions.
- Paid Vacation/Sick Time
- 401K with Company Match
- Medical, Dental and Vision Benefits
- Disability Benefits
- Health Savings Account
- Flexible Spending Account
- Life Insurance
- Parental Leave
- Employee Assistance Program
- Associate Volunteer Program
Please note, benefits and plans may be changed, amended, or terminated with respect to all or any class of associate at any time. To learn more about Regions' benefits, please click or copy the link below to your browser.
https://www.regions.com/welcometour/benefits.rf
Location Details
Riverchase Operations CenterLocation:
Hoover, AlabamaBring Your Whole Self to Work
We have a passion for creating an inclusive environment that promotes and values diversity of race, color, national origin, religion, age, sexual orientation, gender identity, disability, veteran status, genetic information, sex, pregnancy, and many other primary and secondary dimensions that make each of us unique as individuals and provide valuable perspective that makes us a better company and employer. More importantly, we recognize that creating a workplace where everyone, regardless of background, can do their best work is the right thing to do.
OFCCP Disclosure: Equal Opportunity Employer/Disabled/Veterans