Technology Risk Assurance Manager

APPLY NOW »

Date: Jun 21, 2022

Location: New York, NY, US

Company: New York Life Insurance Co

 

When you join New York Life, you’re joining a company that values development, career growth, collaboration, innovation, and diversity & inclusion. We want employees to feel proud about being part of a company that is committed to doing the right thing. Through various resources and programs, you can grow your career while developing personally and professionally.

 

 

 

Location: New York City - Hybrid (on-site Tues, Wed, Thurs)

The Technology Risk Assurance Manager is a key member of the Technology Risk team.  The team is responsible for providing governance and oversight of the Technology Risk and Cybersecurity domains and performing proactive risk assessments on areas of the company where new systems are being implemented.  This individual will be responsible for managing and conducting independent risk and control assessments via the Integrated Risk and Control (IRC) Program (cross-functional program that reviews pre-implementation technology projects) and validating whether action plans being implemented by the first line of defense teams adequately address technology and cybersecurity risks.  The Technology Risk Assurance Manager will support the existing Technology Risk and Control Self Assessments (RCSA), the IRC, and the Cybersecurity Oversight program, which includes managing walkthroughs and assessments of program outcomes and deliverables, risks and controls, and reporting progress of the control evaluation to senior management.

 

Main responsibilities include:

 

  • Governance
    • Oversight and governance of the implementation of cybersecurity program and controls, including tracking and monitoring of program milestones and validation of deliverables
  • Assurance
    • Manage and lead evidence-based assessments of applications, infrastructure and processes; and perform analysis of assessment results to identify recurring risk themes
    • Monitor and validate asset and control risk remediation actions for completeness and sustainability
  • Advisory
    • Provide advice and recommendations to business leaders for decisions regarding Technology Risk and Cybersecurity related topics
  • Collaboration:
    • Act as the first escalation point for risks, control deficiencies, and issues; report and escalate issues to senior management
    • Primary liaison working with NYL Technology and Subsidiaries on the annual Risk & Control Self-Assessment (RCSA) and various Technology and Cybersecurity assurance programs
  • Metrics & Reporting
    • Improve and develop reporting of risk and control metrics

 

Qualifications

 

  • Experience: At least 10 years with strong IT and cybersecurity risk assessment experience, including:
    • Prior risk management, audit and/or consulting experience
    • Prior experience in managing, performing and documenting business, technology and cybersecurity process walkthroughs, designing and executing control evaluations, analyzing results and providing recommendations
    • Prior experience with designing and maintaining risk frameworks, with a strong understanding of key industry control frameworks (NIST Cyber Security Framework, COSO, COBIT, ISO 27000, etc.)
  • Knowledge and Education:
    • Bachelor’s degree in Information Technology/Systems, Business Management, Finance, or related field
    • Certifications – CISSP, CISM, CRISC or CISA preferred
    • Strong knowledge and understanding of cybersecurity, systems architecture, infrastructure, security and applications
  • Communications and Collaboration:
    • Ability to communicate IT Risk assessment information to non-technical business leaders to ensure they comprehend the risk being assigned to them
    • Able to effectively communicate evaluation of risk remediation plans to action plan owners to ensure that mitigation activities are appropriately addressed
    • Ability to work with team members and stakeholders in resolving issues and providing recommendations
    • Excellent interpersonal, communication, writing and organizational skills
    • Ability to build partnerships and add value across businesses, technology groups, levels and disciplines
    • Proficient in Microsoft PowerPoint, Excel, Word, Project, Visio and SharePoint

SF:LI-CC1

SF:LI-PC1

risk policies and standar

risk policies and standards

 

Recognized as one of Fortune’s World’s Most Admired Companies, New York Life is committed to improving local communities through a culture of employee giving and volunteerism, supported by our Foundation. We invite you to bring your talents to New York Life, so we can continue to help families and businesses “Be Good At Life.” To learn more, please visit LinkedIn, our Newsroom and the Careers page of www.NewYorkLife.com.

Job Requisition ID: 83741

 

 

 


Job Segment: Cyber Security, Information Technology, IT Manager, Risk Management, Social Media, Security, Technology, Finance, Marketing