Director, IT Risk Monitoring, Information Security
BMO Financial Group
Chicago, IL, United States
Description
The Director, IT Risk Monitoring is responsible for the development and evolution of the GITRM 1B Risk Monitoring Function. Key accountability is focused on operational efficiency improvements related to validation of testing activities, monitoring of metrics, and providing effective challenge models to the 1st line activities within Technology and GITRM. The Director holds the primary relationship with business partners from Technology, Data Governance and Global IT Risk Management organizations, and ensures successful completion of the Risk Monitoring activities as the prime measure of success. The Director ensures that there is coordination of parallel programs or projects and that deliveries are aligned across all these initiatives to obtain the desired business benefit.
The Director has breadth and depth of understanding of multiple lines of business and is able to facilitate communication between multiple stakeholders efficiently and effectively. The Director directs, manages, and coordinates team members including business and technology resources, user groups, internal and external consultants and contractors, as well as vendors.
Key Accountabilities
• Directs strategic 1B IT Risk Monitoring programs within Technology, GITRM, and multiple lines of business owning pieces of technology on a global scale
• Accountable for planning, documenting, orchestrating, and delivering assigned strategic initiatives, including all business, operational and IT deliverables. Ensures cross-program coordination of activities, deliverables and benefits
• Within the context of the assigned initiatives, responsible for building and sustaining the day-to-day relationships and communications with business partners at various levels of the organization as directed by the Head of IT Risk Monitoring.
• Responsible for delivery of activities in an iterative manner for all identified applicable Controls Framework domains within the directed Cyber Security Framework as it relates to metrics monitoring and testing validation, with the objective to demonstrate effective controls
• Determines and establishes the appropriate organizational and work breakdown structures (e.g. projects, iterative phases, and priorities) to accomplish outcomes. Ensures milestones and schedule accurately reflect the delivery commitments of any audit or regulatory findings. Ensures an overall integrated delivery plan is developed, maintained and communicated
• Ensures development of required artifacts including scope, and management plans, methodologies, and processes, while complying with applicable enterprise standards (e.g. Project Management, Risk, Audit, and Compliance)
• Ensures functional level monitoring and controls at the 1A level are effectively implemented, consulting on areas of improvement matched with follow through of closure
• Provides effective challenge to business owner on viability of controls in order to ensure the program is formulated with the right level of control to the accepted risk threshold. This includes, but is not limited to, technology owned by the business, technology and GITRM owned process/controls
• Ensure processes for managing issues and risks across PRC domains, including escalation processes, are established within the 1B monitoring
• Contributes to the development of an engagement model for “independent validation” of testing activities, assessment processes, and monitoring of metrics to acceptable thresholds and industry standards
• Initiate and oversee the automation of selected metrics into Archer from multiple sources; establishing data feeds, ensuring repeatability of the metrics
• Implement effective monitoring solutions through automation of metrics, ensuring repeatability for all identified risk activities. Consults with process owners on new KRIs/KPIs for metrics not currently in place for 1A risk control and technology activities
• Partner with the process owners with technology and GITRM to identify testing and risk control activities, building upon currently reported metrics in addition to building out new ones
• Provides leadership, motivation, coaching and mentoring for the functional leadership team in order to ensure subsidiary projects are coordinated to achieve the business vision and scope
• Provides Accountable Executive with continued insight in the viability of the 1B monitoring function, making business cases for scope expansion and resource needs to support additional processes
Authorities
• authority to approve selection of team members
• direct all assigned resources
Scope & Impact
• Near term – possible consultant/contractor oversight. Longer term responsible for up to 7 direct reports and their respective teams/resources; hybrid of global resources, consultants, and FTEs
• Impact to T&O - GITRM and all business owned technology globally
Desired Behavior
• demonstrates excellent relationship or account management behaviors
• Provides effective challenge to assumptions of process owners in order to ensure tasks are structured to achieve desired benefits
• Partners seamlessly to arrive at effective outcomes
Key Performance Indicators
• delivery of operational framework
• delivery of monitoring and validation mechanisms
• delivering methodologies, operating procedures, and results that demonstrate an effective IT Risk Monitoring program
Cross-Functional Relationship
• maintains relationships with technology and operations areas
• orchestrates activities from all areas
• solves complex program issues which may require facilitation of multiple senior resources
Qualifications
Knowledge & Skills
• Possesses a university degree and/or 12+ years relevant work experience
• Possesses advanced knowledge and 10+ years of experience in management, and building validation and testing programs
• Industry-specific knowledge and experience is an asset
• Holding valid industry certifications such as CISA, CIA, CISSP, CISM, and/or PMP is an asset
Skills
• Excellent relationship management and consulting skills which results in proven ability to quickly earn the trust of sponsors and key stakeholders, mobilize and motivate teams; set direction and approach, resolve conflict, deliver tough messages with grace, execute with limited information and ambiguity
• Expert change leadership skills
• Expert risk management skills
• Applies an appropriate depth of perception, discernment and judgment to effectively direct a program in a changing and evolving environment
• Excellent stakeholder management and influencing skills, capable of balancing multiple perspectives, effective at all levels up to senior executive
• Sound business and technical acumen, with demonstrated agility in learning and ability to quickly become comfortable with unfamiliar business areas or technologies.
• Ability to connect initiatives to broader organizational goals and grasp the key performance drivers of business partners
• Expert presentation, written and verbal communication skills which bring clarity and precision at senior executive levels
At BMO Harris Bank we have a shared purpose; we put the customer at the center of everything we do – helping people is in our DNA. For 200 years we have thought about the future—the future of our customers, our communities and our people. We help our customers and our communities by working together, innovating and pushing boundaries to bring them our very best every day. Together we’re changing the way people think about a bank.
As a member of the BMO Harris Bank team you are valued, respected and heard, and you have more ways to grow and make an impact. We strive to help you make an impact from day one – for yourself and our customers. We’ll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs. From in-depth training and coaching, to manager support and network-building opportunities, we’ll help you gain valuable experience, and broaden your skillset.
BMO Harris Bank is committed to an inclusive, equitable and accessible workplace. By learning from each other’s differences, we gain strength through our people and our perspectives. BMO Harris Bank is an Equal Opportunity Employer for all, inclusive of Minorities, Women, Veterans, and Persons with Disabilities.