Flagstar Bank
Technology Risk Management Analyst Sr
Flagstar Bank, New York, New York, United States, 10004
Pay Range: 112- 140K
JOB SUMMARY
As a key member of the second line of defense Technology, Cyber, Third Party Risk Management & Resilience Risk Management team, the Technology Risk Senior Analyst will support the Technology Risk team to fulfill the Bank’s Second Line of Defense (“2LoD”) mandate to identify, measure, monitor, and manage the Information Technology (“IT”) risk profile of the Bank, ensuring risk exposure remains within the Bank’s established risk appetite. Demonstrate independent, effective, outcome-based oversight and challenge for the risk domains within the First Line of Defense (“1LoD”) IT Risk, IT Infrastructure and Architecture teams, IT business technology teams.
JOB RESPONSIBILITIES
Provide independent, proactive oversight and challenge of IT risk management at the Bank through execution of risk framework elements including RCSA, control assessment, issue management, incident reviews, targeted deep dives, key risk indicators Assess and report IT risk profile based on quantitative and qualitative risk measures and including assessment of effectiveness of planned remediation/mitigation of excess risk exposure Provide feedback to IT Risk and other IT teams on risks, controls, testing, root cause analysis, remediation and reporting Uses independent judgement and discretion to make suggestions to team leaders (about the applicability risks and necessary controls). Analyzes and resolves problems pertaining to (differing views of risks/controls and due diligence relating to third parties)
ADDITIONAL ACCOUNTABILITIES Performs special projects, and additional duties and responsibilities as required. Consistently adheres to regulatory and compliance policies and standards linked to the job as listed and complete required compliance trainings. Accountable to maintain compliance with applicable federal, state and local laws and regulations.
JOB REQUIREMENTS
Required Qualifications: Education level required: Undergraduate Degree (4 years or equivalent)
(Computer Science, Information Technology, Cybersecurity or relevant field) Minimum experience required: 3+ Years (in an information technology, cybersecurity, risk, audit, and/or compliance role) At least 2-3 years in an IT and/or Cyber Risk function at a financial institution Preferred Qualifications: Applicable information security, enterprise risk, and/or compliance certifications and/or experience Working knowledge of Archer and/or similar GRC Risk Tool Working knowledge of Microsoft Office tools, including excel, word, powerpoint and Teams Job Competencies: Strong knowledge of IT and Cyber risk management concepts and applicable interagency regulatory guidance Ability to provide outcome based risk oversight and challenge to first line risk management. Knowledge of non-financial risk frameworks. Strong analytical skills with the ability to interpret data, draw conclusions, and formulate recommendations Strong verbal and written communications skills Ability to utilize advanced Excel functionality, create engaging and informative PowerPoint presentations, and work effectively in Word Detail oriented with strong organizational skills, able to thrive in a fast-paced environment with multiple competing priorities at times
Flagstar is an Equal Opportunity Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identify, or national origin.
JOB SUMMARY
As a key member of the second line of defense Technology, Cyber, Third Party Risk Management & Resilience Risk Management team, the Technology Risk Senior Analyst will support the Technology Risk team to fulfill the Bank’s Second Line of Defense (“2LoD”) mandate to identify, measure, monitor, and manage the Information Technology (“IT”) risk profile of the Bank, ensuring risk exposure remains within the Bank’s established risk appetite. Demonstrate independent, effective, outcome-based oversight and challenge for the risk domains within the First Line of Defense (“1LoD”) IT Risk, IT Infrastructure and Architecture teams, IT business technology teams.
JOB RESPONSIBILITIES
Provide independent, proactive oversight and challenge of IT risk management at the Bank through execution of risk framework elements including RCSA, control assessment, issue management, incident reviews, targeted deep dives, key risk indicators Assess and report IT risk profile based on quantitative and qualitative risk measures and including assessment of effectiveness of planned remediation/mitigation of excess risk exposure Provide feedback to IT Risk and other IT teams on risks, controls, testing, root cause analysis, remediation and reporting Uses independent judgement and discretion to make suggestions to team leaders (about the applicability risks and necessary controls). Analyzes and resolves problems pertaining to (differing views of risks/controls and due diligence relating to third parties)
ADDITIONAL ACCOUNTABILITIES Performs special projects, and additional duties and responsibilities as required. Consistently adheres to regulatory and compliance policies and standards linked to the job as listed and complete required compliance trainings. Accountable to maintain compliance with applicable federal, state and local laws and regulations.
JOB REQUIREMENTS
Required Qualifications: Education level required: Undergraduate Degree (4 years or equivalent)
(Computer Science, Information Technology, Cybersecurity or relevant field) Minimum experience required: 3+ Years (in an information technology, cybersecurity, risk, audit, and/or compliance role) At least 2-3 years in an IT and/or Cyber Risk function at a financial institution Preferred Qualifications: Applicable information security, enterprise risk, and/or compliance certifications and/or experience Working knowledge of Archer and/or similar GRC Risk Tool Working knowledge of Microsoft Office tools, including excel, word, powerpoint and Teams Job Competencies: Strong knowledge of IT and Cyber risk management concepts and applicable interagency regulatory guidance Ability to provide outcome based risk oversight and challenge to first line risk management. Knowledge of non-financial risk frameworks. Strong analytical skills with the ability to interpret data, draw conclusions, and formulate recommendations Strong verbal and written communications skills Ability to utilize advanced Excel functionality, create engaging and informative PowerPoint presentations, and work effectively in Word Detail oriented with strong organizational skills, able to thrive in a fast-paced environment with multiple competing priorities at times
Flagstar is an Equal Opportunity Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identify, or national origin.