Financial Services - Commercial Banking 

Technical Risk Governance

San Francisco CA

Exp 10-15 yrs

Deg Bachelors

Relo

Bonus

Occasional Travel

Job Description

Responsible for managing the execution and coordination of the operational risk function related to the development and sustainment of technology risk governance across the enterprise and in alignment with the IHC obligations, as well as provide operational risk management support for assigned business area (e.g. IT organization).  Responsible for the development and sustainment of technology risk governance functions including the reporting and analysis of risk.  Responsible to drive the use of empirical methodologies in order to improve decision making processes and help manage operational risk consistent with the Bank's philosophy.  Key liaise with corporate offices such as the Operational Risk Department, Security, Vendor, Compliance, Audit, Legal, and Human Resources as well as with other business units.

Position Accountabilities

1.         Provides leadership in the planning, development and implementation of operational risk frameworks/measurement methodologies, policies, standards and procedures specific to the needs of the enterprise, which are aligned with the Bank's Operational Risk Program and risk appetite and as defined by the Intermediary Holding Company (IHC).  Reviews, analyzes and makes recommendations to the design and implementation of the operational risk management framework.  Partners with all aspects of technology across the organization to provide directions and to ensure sound controls are implemented within the various business groups that provide enterprise technology risk program requirements.  Promotes operational risk awareness. 

2.         Collaborates with assigned business areas to study and investigate operational risk issues and identify and implement solutions.   Analyzes and documents various processes and products, existing or new, by working with the business units to identify key processes and help prioritize additional enhancements to those key processes.   Monitor to ensure key program requirements are being met through analysis of metrics and data.  May assist business units map significant business processes on BNPP's Process Management System (PMS) to ensure mapping is consistent with the Bank's operational risks.  Provide timely updates to Operational Risk and business management to address issues quickly.

3.         Working with key partners, develop enterprise reporting which includes metrics/KRIs, program status, technology risk profile, risk acceptances and other information in order to provide a holistic picture.  Identify enhancements for program tools to support and improve reporting.  Develops new tools, defines requirements, identifies data sources, analyzes data and prepares reports as needed to effectively provide workable solutions or respond to requests for information from Senior/Executive Management, Regulators and BNPP.

4.         Drive enhancements around or partner with SMEs to deliver enhancements to ensure effective management and compliance with company-wide program requirements.  Participates in the development of business units operational risk policies, procedures, risk limits, and approval authorities. Works with management and staff in areas of the organization affected by changes in business practices to ensure understanding and implementation of new operational risk policies and procedures.

5.         Supervises and/or performs periodic testing to determine effectiveness of adherence to the Bank's defined technology risk related requirements, internal policies and best practices.  Support quality assurance sampling and secondary reviews as required.

6.         Responsible for reporting on operational risk framework for business units and regulator, and provides assistance on management/regulatory reporting.  Manages business unit processes for elevating operational risks to more senior levels of management and to Operational Risk.

7.         Consult with business units on implement strategies that involve an assessment of the additional capital that is required to mitigate those risks that are not adequately covered by internal and external losses, BEICFs, and potential loss incidents analysis.  Assists business units with analyzing external historical loss incidents and develop, maintain, and analyze BEICFs (Assessments and Key Risk Indicators [KRIs]).

Qualifications

Required Education or Equivalent Experience

·         Bachelor’s Degree in IT, Security, Risk Management or related field required

·         Master’s/Advanced Degree in Risk Management or IT preferred

Required Experience

·         10 or more years directly related experience combined IT Management or Risk Management experience;

·         5+ years experience working in Technology Risk Management

Field of Experience

General

·         Work independently with minimal supervision

·         Planning, organizing, and directing the staff

·         Problem Solving

·         Personal computer, word processing, presentation software, spreadsheets

·         Must have experience with creating and presenting presentations

·         Analytical and conceptual

Technology Governance

·         Performs oversight of governance for technology related operational risk across the organization to ensure operational risk is identified, assessed, quantified, appropriately mitigated and managed through the lifecycle of the product/service.