Enterprise Technology Risk Management - Manager

Job Description

Who we are

It is an exciting time to join State Street Corporation (SSC) in the Enterprise Technology Risk Management (ETRM) organization. ETRM in its capacity as Second Line of Defense (SLOD) is responsible for leadership, oversight, monitoring, and advisement around the technologies, architecture, operational processes, security, and resiliency.

Who we are looking for

Controls Testing and Assurance is a key function within SLOD to evaluate Information Technology controls to provide independent feedback on the adequacy of controls. As a representative of the ETRM group, you will be amid State Street’s multi-year technology transformation journey and regulatory requirements and responsible for providing independent risk oversight, review and challenge on technology risk controls testing and assurance program.

What you will be responsible for

As a Senior Associate, Technology Controls Testing – ETRM, you will be responsible for:

• Execute Test of Design (TOD) and Test of Effectiveness (TOE) of IT controls, including entity and process level controls, IT general and application controls
• Document accurate and detailed work papers clearly describing the tests, the results of work performed, and conclusions reached.
• Manage testing artifacts, including meeting minutes, action items, risk, and issues logs.
• Recommend improvements (if any) in controls design through awareness of technology and information security focused regulatory requirements and best practices.
• Evaluate all control deficiencies, identify root causes.
• Collaborate with technology teams across the First Line of Defense (FLOD) for them to develop strong remediation plans; Monitor implementation for timely remediation of control weaknesses.
• Deliver assigned projects independently on time, with limited support from management.
• Assist senior team members in completing basic research and analysis of the technology controls to develop Controls Testing and Assurance Oversight Framework influencing Policies, Controls, Risk Appetite, Procedures, and Guidelines
• Develop presentations for risk committees to highlight ETRM findings and recommendations.

What we value

These skills will help you succeed in this role.

• Effective communication, analytical, and project management skills
• Ability to multitask and navigate competing priorities.
• Initiative-taker, Navigating on your own.
• Ability to effectively develop and manage relationships across core stakeholder groups.
• Must be able to work during US and India time zones with the overlap of at least 4 hours.

Primary Skills (Must Have)

• Experience of working within controls testing and assurance functions with knowledge of controls design, test procedure development.
• Knowledge of Information Technology General Controls (ITGC), Risk and Control Self-Assessment (RCSA) to evaluate application development and maintenance controls, change management controls and cybersecurity controls etc.
• Knowledge of domains under ITIL (Information Technology Infrastructure Library) Practices
  • Technology Management (Software Development and Management, Infrastructure and Platform Management)
  • Service Management (Availability Management, Capacity and Performance Management, Change Management, Incident Management, IT Asset Management etc.)
• A strong understanding of Technology Risk Management to influence leaders on the need to embrace risk reduction initiatives and controls.
• Excellent communication, interpersonal, presentation and intergroup skills
• Proficient in Excel, Word, Flowcharting, PowerPoint etc.

Education & Preferred Qualifications

• Graduate in Computer Engineering (preferably BE / B TECH / BCA / MCA)
• Minimum 10-12 years of experience in information technology with 5-8 years of relevant experience in controls testing and assurance function.
• Experience with Risk Management and Technology Audits
• Strong project management abilities, critical thinking, problem solving, and decision-making skills.
• Experience with Microsoft Tools/Data Analytics/Dashboards is a plus.
• Information Security certifications like ISO27001, CRISC, CISA, CISM, CISSP etc.

About State Street

What we do. State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation, we are making our mark on the financial services industry. For more than two centuries, we have been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients.

Work, Live and Grow. We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary by location, but you may expect generous medical care, insurance, and savings plans, among other perks. You will have access to flexible Work Programs to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential.

Inclusion, Diversity and Social Responsibility. We truly believe our employees’ diverse backgrounds, experiences and perspectives are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift programs and access to employee networks that help you stay connected to what matters to you.

State Street is an equal opportunity and affirmative action employer. Discover more at StateStreet.com/careers

State Street's Speak Up Line