BNY Mellon Careers

SrSpec, Tech Risk Mgmt (VP Technology Risk)

New York, New York

Job Description

The Information Risk Lead Technical Specialist supports the Information Risk Managers driving the strategic information risk program within TRM and business areas supported, while providing advice and guidance to the Information Risk Analysts. S/he will assist and support Senior Information Risk Managers with the development of strategic program elements and provide input to the TRM risk prioritization. Sh/e will interface with regulators serving as a point of contact for regulatory requests/inquiries.
Drives the strategic technology risk program within a business area, multiple business areas and/or across regions while advising on and guiding technology risk management tasks completed by senior business managers and professional technology risk staff. Drives the interpretation and enforcement of technology risk policies pertaining to the assigned area, areas or regions. Contributes to the development of the organizational technology risk management framework and strategy, and collaborates with other subject matter experts to determine appropriate methods, policies and procedures for enforcing adherence to the framework - as appropriate for each business area or region - and determining impacts from changes to the framework. Is extensively familiar and adept at influencing the assigned business area, multiple business areas and/or regions to drive the enforcement of technology risk policies, standards and regulatory requirements. Applies broad, deep understanding of control and risk management concepts, security systems and applications in order to interpret the technology risk needs of the assigned business area, areas or regions and communicates relevant information, risk management policies, procedures and guidelines. Directs the business area, areas or regions' technology risk and control environment initiatives. Applies understanding of and extensive experience with area or regional laws and regulations to the management of existing and anticipated technology risks. Independently facilitates application risk analyses and comprehensive risk assessments. Assigns project tasks to more junior professionals. Assesses and determines the business area, areas or region's need for additional training and support on technology risk management. Interprets and uses advanced data and reporting from numerous sources to deliver presentations to business unit and/or business partner area leaders and management. Performs the highest complexity analyses and identifies trends using an advanced understanding of technology risk metrics (KRIs, KPIs). Directly contributes to the establishment of business unit and/or business partner area KPIs that ensure compliance with legal and regulatory requirements. Drives efforts to promote a highly effective technology risk culture and to enforce and communicate technology risk policies, procedures and guidelines. Advises the business management and technology risk managers on appropriate use of technology risk support tools to develop technology risk policy content. Uses industry knowledge to influence the choice of tools used by the organization. Executes remediation of highly complex technology risk issues for the assigned business area, areas or regions and assigns tracking tasks to more junior professionals. Enforces adherence to existing controls and compliance with laws and regulations and may assess opportunities for control methodology revisions. Serves as the primary point of contact for technology risk matters for the assigned business area, areas or regions and provides an expert level of written and verbal support to stakeholders. Applies influence to ensure the availability of technology risk input requirements, to build consensus on risk mitigation and remediation strategies among global and regional stakeholder groups and to ensure they are prepared for the business impacts from changes to technology risk policies and standards. Reviews the architecture, design and implementation of network security architecture and relevant security controls for the business area, business areas or regions and decides on the need for adjustments and improvements. Directs information security improvement projects and/or reviews and approves or rejects submissions from IT groups for future projects. Facilitates reviews following the completion of projects to identify resulting security breaks and complete remediation. No direct reports; provides guidance to more junior team members and assigns tasks, as needed. Contributes to the achievement of team objectives. Modified based upon local regulations/requirements.  


Bachelor s degree or the equivalent combination of education and experience is required. 7-10 years of total work experience preferred. Experience in Technology, Information Security and/or technology risk preferred. Knowledge of security systems and applications preferred. At least one security clearance preferred.

For over 230 years, the people of BNY Mellon have been at the forefront of finance, expanding the financial markets while supporting investors throughout the investment lifecycle. BNY Mellon can act as a single point of contact for clients looking to create, trade, hold, manage, service, distribute or restructure investments & safeguards nearly one-fifth of the world's financial assets. BNY Mellon remains one of the safest, most trusted and admired companies. Every day our employees make their mark by helping clients better manage and service their financial assets around the world. Whether providing financial services for institutions, corporations or individual investors, clients count on the people of BNY Mellon across time zones and in 35 countries and more than 100 markets. It's the collective ambition, innovative thinking and exceptionally focused client service paired with a commitment to doing what is right that continues to set us apart. Make your mark:

Risk and Compliance provide risk and compliance services across all BNY Mellon businesses. Organizationally, Risk and Compliance includes the following groups: Risk Management, Compliance, Global Corporate Security, Information Risk Management and Global Business Continuity. Risk Management oversees and delivers risk services and ensures new business risks are reviewed and approved. Risk Management is organized through Chief Risk Offices for each core business and critical operation. Risk managers provide shared support to BNY Mellon for operational risk services for Global Corporate Trust, Depositary Receipts, Treasury Services and Global Operations in EMEA. Compliance helps ensure BNY Mellon's businesses maintain appropriate processes to comply with applicable laws, regulations, BNY Mellon policies and ethics. This is accomplished through business- and business partner-specific teams of professionals, under centralized global management.

BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer.
Minorities/Females/Individuals With Disabilities/Protected Veterans.

Primary Location: United States-New York-New York
Internal Jobcode: 85301
Job: Risk
Organization: Technology Risk Mgmt-HR06032
Requisition Number: 1802866