Risk Manager 3-090016428 Job Details

Description
GENERAL SUMMARY:
 
Responsible for managing, monitoring and coordinating information risk management activities.  Works with the Information Security and Risk Management groups within Technology and Operations Services (TOS) to establish and oversee the US Bank Information Security Program.  Develops, builds and maintains the oversight framework for the Bank's information risk management processes.
 
SHORT-TERM RESPONSIBILITIES:
 
§         The Information Risk Manager will be responsible for annual Information Security reporting to the Board of Directors and quarterly reporting to the Corporate Risk Committee.
§         Develop processes and procedures to support the various and evolving activities and responsibilities supporting the US Bank Information Security and GLBA programs.
§         Develop requirements related to Information Security and GLBA program enhancements.
§         Drive incremental quality improvements in US Bank information security processes via risk assessments, and control identification and optimization.
§         Monitor and have responsibility for audit and regulatory exam findings.
§         This role supports the many communication forums and committees directed by the Office of Enterprise Risk Management.
§         Interact with Internal Audit, Enterprise Risk Management, Corporate Compliance and other similar functions throughout the bank to develop partnerships and build synergies.
§         Other tasks as assigned.
 
LONG-TERM RESPONSIBILITIES:
 
In addition to the short-term responsibilities listed above, the following long-term responsibilities will be integrated into the position as the structure and role of the Office of Enterprise Risk Management continues to evolve:
§         Identify and design training and communications in conjunction with other Information Security Program stakeholders to promote an appropriate risk culture.
§         Monitor risk/control environment and escalate potential issues to management.
§         Partner with other stakeholders to develop enterprise risk models and make recommendations to management.
§         Coordinate communication with other resources of expertise within the bank to optimize cooperation and facilitate comprehensive cross-functional analysis and review of risk related and operational issues.
§         Reinforce accountability for identifying, controlling and measuring Information Security risk at the business line.
§         Development of KRIs - Develop Metrics to gauge effectiveness, efficiency and value of the Information Security Program.
 
Your Career is Here.
Qualifications
QUALIFICATIONS:
 
§         Previous experience in implementing and maintaining an Information Security risk management framework.
§         Demonstrated experience analyzing, interpreting, and communicating GLBA compliance requirements and making recommendations to senior management.
§         Good understanding of Information Security and Risk management principles, regulatory requirements and industry-wide accepted standards and best practices, including FFIEC Guidelines, COSO and COBIT frameworks, as well as relevant U.S. Bank policies, standards and practices.
§         Previous experience with business process risk management.
§         Excellent written and verbal communication skills, including strong documentation and presentation skills.
§         CISA, CISM, or CISSP preferred.
§         Audit experience preferred.
§         Banking industry experience preferred.