Manager, Enterprise Risk Management

Position: Manager, Enterprise Risk Management
Reports To: Director, Enterprise Risk Management
Location: New York, NY

Position Summary:

The Manager, Enterprise Risk Management supports the Enterprise Risk Management team in all aspects of the enterprise-wide risk management program. This role will support the execution of the organization’s ERM Framework and facilitate interfacing with functional units to establish and communicate risk management methodology, processes, risk appetite and risk culture.

This role will support leadership during a period of rapid organizational change and industry advancement, as well as technical efforts such as increasing use of the Cloud. The role will ensure that the company appropriately prioritizes, manages and monitors risk by collaborating with several departments and defining risk ownership. A successful candidate will contribute to the IT Risk Management program by offering knowledge of information technology guidelines, procedures, processes, controls, reporting and leading practices.

Qualifications Required:

  • Bachelor’s degree in finance, business or technology-related field
  • 5-7 years of practical experience in operational IT risk, internal control and compliance, in the financial services industry, supporting enterprise-wide functions and projects, and multi-tasking on projects with competing priorities
  • Applied knowledge of Information Technology operational business processes and industry best practices including areas such as IAM, SDLC, Computer Operations, Security and Vulnerability Management
  • Knowledge of Information Technology Systems, Networks and Cloud, e.g. experience with AWS, MS365, or Azure
  • Ability to understand management objectives, risk appetite, tolerances and impact of changes to risk profiles
  • Excellent aptitude for modern IT Risk & Compliance concepts and methodologies
  • Understanding of the financial regulatory environment for the banking and payment systems industry
  • Experience in IT governance and controls, including governance and control frameworks, such as COBIT, ITIL, FFIEC, COSO or equivalents
  • Maintain current knowledge of new regulations and emerging industry risks and report potential and/or actual enterprise impact to management
  • Ability to work independently and proactively; innovative, resourceful, results oriented, with appropriate judgment

Qualifications Desired:

  • Knowledge of IT risk, security architecture design, network security, cloud/mobile security, data security and internal/external threat intelligence/analysis
  • Experience with new technology trends relating to enterprise level cloud-based development, deployment, and assessment, including PaaS, IaaS, and SaaS
  • Technical certifications such as CISA, CRISC, CGEIT, CCSP, CCSK, SANS SEC545, CISSP, GIAC, CISM, or equivalents are preferred
  • Risk Management related certifications such as ISO-31000 are preferred
  • RSA Archer or other GRC experience
  • MBA in Finance, Business or technology-related field preferred

Essential Functions and Responsibilities:

  • The ERM Manager is a critical member of the Risk Office and is responsible for contributing to the design, development, implementation and execution of the ERM Framework in order to establish an effective risk-based system to identify, measure, monitor, and control enterprise-wide risks
  • Build, maintain and enhance business relations with department and business stakeholders for the smooth implementation of risk management activities across the organization
  • Monitor and analyze risks within the company's business unit
  • Identify specific IT risk observations and work with affected parties to classify and address the risk issues
  • Act as the IT risk management liaison between various business organizations and risk functions while dealing with IT risk matters
  • Identify, understand and assess Information and Technology risks associated with the operational processes
  • Apply sound judgment in evaluating risks and controls; effectively challenge IT leads on the identification and acceptance of risks and the adequacy of controls
  • Perform risk assessments to identify current and emerging key risks (operational, technology, etc.)

Physical Demands and Work Environment:

Work is generally sedentary in nature, but may require standing and walking. The working environment is generally favorable. Lighting and temperature are adequate, and there are no hazardous or unpleasant conditions caused by noise, dust, etc. Work is generally performed within an office environment, with standard office equipment available. Travel may be required. 

Apply Below*:

  • A letter of interest describing your experience and interest in the position
  • Your resume
  • Names and contact information of three references, or three letters of reference

* Please submit a single application per position.
