Risk and Audit Manager

Federal Reserve Bank (FRB)
New York
09 Jul 2021
06 Aug 2021
Employer Sector
Banking & Finance - Retail
Contract Type
Full Time

CompanyFederal Reserve Bank of New YorkWorking at the Federal Reserve Bank of New York positions you at the center of the financial world with a unique perspective on national and international markets and economies. You will work in an environment with a diverse group of experienced professionals to foster and support the safety, soundness, and vitality of our economic and financial systems.What we do:Oversight and Business Operations serves as the Technology Group Chief Operating Office (COO) and center of governance, managing the core daily operations and overseeing critical technology related processes such as compliance with the Product Development Lifecycle (PDLC). It overseestechnology riskand compliance efforts, vendor management, and communications, among other core areas that underpin TGs success. Their guiding principle is to efficiently and effectively run the business of the new TG.Your role as Risk and Audit Manager:As a technology risk specialist, you would be the subject matter expert to identify, assess and interpret technology risk introduced by new infrastructure, tools or applications. With this risk intelligence, engage as the primary conduit and collaborator for risk, control, and audit related activities performed by First-line technology staff in support of the Technology Group (TG), and collaborate and integrate content and risk intelligence from Federal Reserve System (FRS) partner organizations. In addition, you would execute on Second Line of Defense initiatives and guidance through operational processes.Participate in agile squads for development of enhancements to the Banks critical applications to offer risk perspectives and identify technology risks that impact the technology environment and business processes. Build strong relationships with technology subject matter experts within TG and the Federal Reserve Systems National Information Technology Office, and other FRS partner organizations. Build subject matter expertise in Technology Group services, National Information Technology services, and other partner organization services with an impact to the Bank.Provide centralized management and communication for technology risk events. Support risk event identification, investigation, and ensure appropriate remediation of technology risk events impacting business processes by involving appropriate technical and business stakeholders.Provide representation and coordination within TG for audit engagements and reviews on TG. Coordinate with First-line technology to gather the appropriate evidence and to respond to any technology-related recommendations. Track any technology after-actions and provide appropriate communications to all stakeholders.Conduct vendor technology risk assessments for new and existing TG vendors. Leverage vendor reports to identify control gaps in service and report on any findings. Collaborate with vendor management SMEs through vendor management processes and forums.Engage in robust testing of technology controls as part of a broader scope of compliance with the Sarbanes-Oxley Act.Support other TG-related risk assessments by contributing relevant technology risk and control data points and related analyses.What we are looking for:Technical QualificationsExperience in Technology Risk and Control Identification, Analysis, Response, and ReportingMinimum of 6 years of relevantexperience (technology risk and/or audit, control over complex technology systems and processes, leadership of technology control environment, etc.)Knowledge of technology hardware / softwareCRISC, CISA, CGEIT, CRMA, or CIA certifications preferredExperience with risk analytics, and development and maintenance of Technology Key Risk Indicators (KRIs)Understanding / experience with Technology / Technology-related Risk and Control Frameworks (COSO, COBIT, NIST, etc.)Information Systems Auditing / Assurance knowledge helpfulGeneral QualificationsBachelors Degree preferredWork without close supervision in executing somewhat complex tasksAbility to build strong relationships across teams / disciplinesManage multiple priorities and adjusts to changing priorities with minimal directionStrong communication skills, including communication of technical information for business audiences to all levelsBenefits:Our organization offers benefits that are the best fit for you at every stage of your career:Fully paid Pension plan and 401k with Generous MatchComprehensive Insurance Plans (Medical, Dental and Vision including Flexible Spending Accounts and HSA)Subsidized Public Transportation ProgramTuition Assistance ProgramOnsite Fitness & Wellness CenterFlexible Work ArrangementsAndmoreCandidates must undergo an enhanced background check and will be tested for all controlled substances prohibited by federal law, to include marijuana.The Federal Reserve Bank of New York is committed to a diverse workforce and to providing equal employment opportunity to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service.This is not necessarily an exhaustive list of all responsibilities, duties, performance standards or requirements, efforts, skills or working conditions associated with the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the job or to require that other or different tasks be performed when circumstances change.Full Time / Part TimeFull timeRegular / TemporaryRegularJob Exempt (Yes / No)YesJob CategoryAnalyticalWork ShiftFirst (United States of America)The Federal Reserve Banks believe that diversity and inclusion among our employees is critical to our success as an organization, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. The Federal Reserve Banks are committed to equal employment opportunity for employees and job applicants in compliance with applicable law and to an environment where employees are valued for their differences.Privacy Notice