BNY Mellon Careers

SrSpec, Tech Risk Mgmt

Pittsburgh, Pennsylvania

Job Description


Technology Risk Management is a part of the Chief Risk Office, which is the Bank’s second line of defense. TRM partners with business lines to enable technology solutions whilst helping BNY Mellon to effectively manage cyber and information technology risks.


We made risk management agile. We believe that unrestricted collaboration and continuous conscious reprioritization are key to effective execution, so we took an innovative approach to risk management and applied agile practices to manage our daily work.


Here your work makes impact every day. Non-hierarchical organization supports free-flowing communication and empowers employees to take initiative. Your voice is heard and your actions seen.


Continuous development is important for us. We support our employee careers through professional development trainings, stretch goals and feedback culture.

  Your role:  

This is a senior specialist role in the TRM team. This role is based in Pittsburgh with the main responsibilities as follows:

  • Building, improving and maintaining the global Technology Risk Register

  • Overseeing and challenging technology risk practices within the Firm:

    • Risk treatment decisions
    • Mitigation plans
    • Controls improvement prioritization
  • Managing the relationship with First Line of Defense stakeholders

  • Contributing to the development of the organizational technology control and risk management framework and strategy

  • Supporting development of end-to-end technology risk picture of BNY Mellon Services

      What we look for:
  • 5+ years of total experience in IT Risk, IT Audit and/or InfoSec

  • Knowledge of IT Governance, IT Compliance & Audit and/or IT Risk

  • Experience in delivering cross-departmental projects in a global organization

  • Excellent time management skills
  • Open-mindedness, empathic listening and persuasive speaking skills, assertiveness

  • Delivery focus, thriving in a fast-paced, non-hierarchical organization

      Good to have:
  • Experience in implementing a risk register
  • Experience with SNOW (ServiceNow)
  • Knowledge of industry frameworks and best practices (NIST, ISO 27000, OWASP etc.)

  • Information risk and/or security qualification (CISSP, CRISC, CISM, CGEIT or equivalent)

  • Experience in operating in a regulated environment (e.g. financial industry)

  • Experience in setting up and operating technology governance

  • Openness for being a part of a global team



Bachelor s degree or the equivalent combination of education and experience is required. 7-10 years of total work experience preferred. Experience in Technology, Information Security and/or technology risk preferred. Knowledge of security systems and applications preferred. At least one security clearance preferred.
BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer.
Minorities/Females/Individuals With Disabilities/Protected Veterans.

Primary Location: United States-Pennsylvania-Pittsburgh
Internal Jobcode: 85301
Job: Risk
Organization: Technology Risk Mgmt-HR06032
Requisition Number: 1901488