Risk Controls Self-Assessment (RCSA) Control Owner – Insider Threat

Risk Controls Self-Assessment Control Owner – Insider Threat

At BNY, our culture empowers you to grow and succeed. As a leading global financial services company at the center of the world’s financial system we touch nearly 20% of the world’s investible assets. Every day around the globe, our 50,000+ employees bring the power of their perspective to the table to create solutions with our clients that benefit businesses, communities and people everywhere.    

We continue to be a leader in the industry, awarded as a top home for innovators and for creating an inclusive workplace. Through our unique ideas and talents, together we help make money work for the world. This is what #LifeAtBNY is all about.

We’re seeking a future team member for the role of Risk Controls Self-Assessment Control Owner to join our – Insider Threat team. This role is in Pittsburgh, PA, Lake Mary, FL –HYBRID.

In this role, you’ll make an impact in the following ways: 

1. Control Assessments and Facilitation:

•  Host and support business units in performing Risk Control Self-Assessments (RCSA) for insider threat controls.
•  Ensure alignment with regulatory requirements and organizational policies throughout the assessment process.
• Provide guidance and expertise to business unit stakeholders to identify, document, and assess control effectiveness.

2. Monitoring and Reporting:

•  Continuously monitor the effectiveness of insider threat controls across the organization.
•  Develop and maintain metrics and reporting mechanisms to evaluate control performance.
•  Identify and escalate control deficiencies, gaps, or risks, and support business units in developing remediation plans.

3. Scorecard Development and Presentation:

•  Design and maintain scorecards to summarize insider threat control performance and effectiveness metrics.
•  Present quarterly scorecards to enterprise control managers, highlighting key findings, trends, and recommendations for improvement.

4. Collaboration and Communication:

•  Partner with Insider Risk, Compliance, and Audit teams to ensure proper governance and oversight of insider threat controls.
•  Act as a liaison between business units and enterprise control managers, ensuring clear communication of risks, expectations, and outcomes.

5. Continuous Improvement:

•  Contribute to the development and enhancement of RCSA processes, tools, and frameworks to ensure efficiency and accuracy.
•  Stay informed about emerging risks, regulatory changes, and best practices in insider threat management.
   

To be successful in this role, we’re seeking the following: 

Education: Bachelor’s degree in risk management, Business Administration, Cybersecurity, or a related field.

 Experience:

•  5+ years of experience in risk management, internal controls, audit, or insider threat programs in a highly regulated environment.
•  Strong understanding of RCSA processes and enterprise risk management frameworks (e.g., COSO, NIST).
•  Familiarity with insider threat risks, behaviors, and mitigation strategies in financial institutions.

  Skills:

•  Exceptional analytical and problem-solving skills.
•  Strong written and verbal communication skills with the ability to present complex information to senior stakeholders.
•  Proficiency in developing metrics, scorecards, and dashboards (e.g., Excel, Power BI, Tableau).
•  Ability to manage multiple priorities and deadlines in a dynamic environment.

  Preferred Qualifications:

•  Experience with insider threat detection and monitoring tools.
•  Knowledge of regulatory requirements (e.g., FFIEC, SOX, GLBA) and their application to insider risk.
•  Professional certifications such as CISA, CRISC, CISSP, or similar are highly desirable.

At BNY, our culture speaks for itself. Here’s a few of our awards: 

• America’s Most Innovative Companies, Fortune, 2024
• World’s Most Admired Companies, Fortune 2024
• Human Rights Campaign Foundation, Corporate Equality Index, 100% score, 2023-2024
• Best Places to Work for Disability Inclusion, Disability: IN – 100% score, 2023-2024
• “Most Just Companies”, Just Capital and CNBC, 2024
• Dow Jones Sustainability Indices, Top performing company for Sustainability, 2024
• Bloomberg’s Gender Equality Index (GEI), 2023

Our Benefits and Rewards:

BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter. 

BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.

Consults with other IT areas and the businesses and provides professional support for major components of the company's information security infrastructure. Contributes to the development and implementation of security architecture, standards, procedures and guidelines for multiple platforms. Consults with the business and operational infrastructure personnel regarding new and existing technologies. Recommends new security tools to management and reports and provides guidance and expertise in their implementation. Reviews and analyzes complex data and information to provide insights, conclusions and actionable recommendations provides direction and guidance on reports and analyses and ensures recommendations are aligned with customer/business needs and capabilities. Ensures that all significant security concerns are addressed. Recommends course of action to mitigate risk and ensures that appropriate standards are established and published. Contributes to the achievement of area objectives. Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred, 8-10 years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus.. BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer. Minorities/Females/Individuals with Disabilities/Protected Veterans. Our ambition is to build the best global team – one that is representative and inclusive of the diverse talent, clients and communities we work with and serve – and to empower our team to do their best work. We support wellbeing and a balanced life, and offer a range of family-friendly, inclusive employment policies and employee forums.