Corporate Vice President, Technology Governance - Strategic Initiatives, Risk officer/Assessor

When you join New York Life, you’re joining a company that values career development, collaboration, innovation, and inclusiveness. We want employees to feel proud about being part of a company that is committed to doing the right thing. You’ll have the opportunity to grow your career while developing personally and professionally through various resources and programs. New York Life is a relationship-based company and appreciates how both virtual and in-person interactions support our culture.

The Technology Governance – Strategic Initiatives, Risk Officer / Assessor is a member of the Technology Risk Management team.

The team is responsible for providing risk governance and oversight on key multi-year strategic initiatives (e.g., Cloud) within Technology. Specifically, the team is focused on the technology risk and control domains, enabling proactive risk assessment and advisory on programs involving new system and process implementations. The objective of the Technology Governance – Strategic Initiatives team is to ensure that a risk management lens is applied, and the appropriate controls are being considered as part of these multi-phase complex initiatives.

This individual will be responsible for managing and conducting targeted assessments and advising on technology risks and controls across New York Life and its subsidiaries. This includes acting as an internal consultant to provide guidance, as well as performing and overseeing evaluations of program control design and implementation. The deliverables for this individual will include independent 2nd line reporting on each initiative, identification and escalation of any observations, and tracking of remediation items to completion. This person will partner with stakeholders from the business, Technology and all three lines of defense to further strengthen the organization’s risk management capabilities and align with company objectives.

Main responsibilities include:

•     Governance

•  Oversight and governance of program implementation and controls, including tracking and  monitoring of program milestones and validation of deliverables

•     Assurance

• Manage and lead evidence-based assessments of applications, infrastructure and processes,  including migrations (i.e., Cloud); and perform analysis of assessment results to identify  recurring risk themes
• Monitor and validate asset and control risk remediation actions for completeness and sustainability

•     Advisory

•  Provide insights on program book of work, based on the latest industry risk mitigation best practices, to business leaders for decisions regarding Technology Risk and Cybersecurity related topics

•     Collaboration

• Act as the first escalation point for risks, control deficiencies, and issues; report and  escalate observations to senior management

•     Metrics & Reporting

• Develop and enhance reporting of risk and control metrics and dashboards

Qualifications:

• At least 10+ years of strong business, operational or technology risk experience including:

• Risk management, audit and/or consulting
• Managing, performing and documenting cybersecurity and cloud process walkthroughs, designing and executing control evaluations, analyzing results and providing recommendations
• Designing and maintaining risk frameworks, with a strong understanding of key industry control frameworks (CCM, NIST Cyber Security Framework, CSA, COSO, COBIT, ISO 27000, etc.)
• Managing, performing and documenting business process and technology process walkthroughs
• Evaluating risks and controls for design, implementation and overall effectiveness

• Bachelor’s degree in Information Technology/Systems, Business Management, Finance, or related field

• Strong knowledge and understanding of cloud technology, cybersecurity, systems architecture, infrastructure, security and applications
• Ability to communicate technology risk information to business leaders to ensure they comprehend the risks and response options
• Able to effectively communicate evaluation of risk remediation plans to action plan owners to ensure that mitigation activities are appropriately addressed
• Ability to work independently; critical thinker; able to look at the big picture
• Ability to work with team members and stakeholders in resolving issues and providing recommendations
• Excellent interpersonal, communication, writing and organizational skills
• Ability to build partnerships and add value across businesses, technology groups, levels and disciplines
• Proficient in Microsoft PowerPoint, Excel, Word, Project, Visio and SharePoint

Recognized as one of Fortune’s World’s Most Admired Companies, New York Life is committed to improving local communities through a culture of employee giving and volunteerism, supported by the Foundation. We're proud that due to our mutuality, we operate in the best interests of our policy owners. We invite you to bring your talents to New York Life, so we can continue to help families and businesses “Be Good At Life.” To learn more, please visit LinkedIn, our Newsroom and the Careers page of www.NewYorkLife.com.

Job Requisition ID: 87205