Corporate Vice President - Technology Governance, Strategic Initiatives, Risk Officer/Assessor

APPLY NOW »

Date: Jun 19, 2022

Location: New York, NY, US

Company: New York Life Insurance Co

 

 

When you join New York Life, you’re joining a company that values career development, collaboration, innovation, and inclusiveness. We want employees to feel proud about being part of a company that is committed to doing the right thing. You’ll have the opportunity to grow your career while developing personally and professionally through various resources and programs. New York Life is a relationship-based company and appreciates how both virtual and in-person interactions support our culture.

 

 

The Technology Governance – Strategic Initiatives, Risk Officer / Assessor is a member of the Technology Risk Management team.


The team is responsible for providing risk governance and oversight on key multi-year strategic initiatives (e.g., Cloud) within Technology. Specifically, the team is focused on the technology risk and control domains, enabling proactive risk assessment and advisory on programs involving new system and process implementations. The objective of the Technology Governance – Strategic Initiatives team is to ensure that a risk management lens is applied, and the appropriate controls are being considered as part of these multi-phase complex initiatives.


This individual will be responsible for managing and conducting targeted assessments and advising on technology risks and controls across New York Life and its subsidiaries. This includes acting as an internal consultant to provide guidance, as well as performing and overseeing evaluations of program control design and implementation. The deliverables for this individual will include independent 2nd line reporting on each initiative, identification and escalation of any observations, and tracking of remediation items to completion.

 

This person will partner with stakeholders from the business, technology and all three lines of defense to further strengthen the organization’s risk management capabilities and align with company objectives.


Main responsibilities include:


• Governance
o Provide risk management oversight and governance of enterprise-wide initiatives; Oversee program implementation and controls, including tracking and monitoring of program milestones and validation of deliverables

 

• Assurance
o Manage and lead a portfolio of evidence-based assessments of applications, infrastructure and processes, including migrations (i.e., Cloud)
o Perform analysis of assessment results to identify recurring risk themes
o Monitor and validate asset and control risk remediation actions for completeness and sustainability

 

 Advisory
o Provide insights on program book of work, based on industry frameworks and best practices.
o Partner with Technology and business to prioritize risk-remediation activities
o Advise business leaders on decisions regarding Technology Risk and Cybersecurity related topics

 

• Collaboration:
o Act as the first escalation point for risks, control deficiencies, and issues; report and escalate observations to senior management

 

• Metrics & Reporting
o Develop and enhance reporting of risk and control metrics and dashboards

 

Qualifications
• At least 10+ years of strong business, operational or technology risk experience including:
o Risk management, audit and/or consulting
o Managing, performing and documenting cybersecurity and cloud process walkthroughs, designing and executing control evaluations, analyzing results and providing recommendations

o Designing and maintaining risk frameworks, with a strong understanding of key industry control frameworks (CCM, NIST Cyber Security Framework, CSA, COSO, COBIT, ISO 27000, etc.)
o Managing, performing and documenting business process and technology process walkthroughs
o Evaluating risk and controls for design, implementation and overall effectiveness
• Bachelor’s degree in Information Technology/Systems, Business Management, Finance, or related field
• Strong knowledge and understanding of cloud technology, cybersecurity, systems architecture, infrastructure, security and applications
• Ability to communicate technology risk information to business leaders to ensure they comprehend the risks and response options
• Able to effectively communicate evaluation of risk remediation plans to action plan owners to ensure that mitigation activities are appropriately addressed
• Ability to work independently; critical thinker; able to look at the big picture
• Ability to work with team members and stakeholders in resolving issues and providing recommendations
• Excellent interpersonal, communication, writing and organizational skills
• Ability to build partnerships and add value across businesses, technology groups, levels and disciplines
• Proficient in Microsoft PowerPoint, Excel, Word, Project, Visio and SharePoint

 

Recognized as one of Fortune’s World’s Most Admired Companies, New York Life is committed to improving local communities through a culture of employee giving and volunteerism, supported by the Foundation. We're proud that due to our mutuality, we operate in the best interests of our policy owners. We invite you to bring your talents to New York Life, so we can continue to help families and businesses “Be Good At Life.” To learn more, please visit LinkedIn, our Newsroom and the Careers page of www.NewYorkLife.com.

Job Requisition ID: 86176

 

 

 


Job Segment: Cyber Security, Executive, VP, Risk Management, Social Media, Security, Management, Finance, Marketing