Principal Technology Risk Management
Discover. A brighter future.
With us, you’ll do meaningful work from Day 1. Our collaborative culture is built on three core behaviors: We Play to Win, We Get Better Every Day & We Succeed Together. And we mean it — we want you to grow and make a difference at one of the world's leading digital banking and payments companies. We value what makes you unique so that you have an opportunity to shine.
Come build your future, while being the reason millions of people find a brighter financial future with Discover.
Job Description
This position is responsible for analyzing and managing technology risk by providing enterprise-wide oversight and governance for technology risk management activities within the Company. Assists with the execution of various risk frameworks across the organization by monitoring and reporting on risk activities and framework compliance for identifying, assessing and reporting on risk related activities. Responsible for effective challenge of the first line in the effective management of its related risks.
Responsibilities:
- Responsible for analyzing and managing technology risk by providing enterprise-wide oversight and governance for technology risk management activities within the company.
- Ensures program compliance and executes risk mitigation activities. Leads the effective challenge of risk and mitigation plans.
- Leads the effective challenge of technology risk and mitigation plans aligned to IT domains including Asset Management, Change Management, SDLC, and Enterprise Architecture.
- Provides technology risk oversight (create, coordinate, evaluate & assess): policies, interdependencies, cloud architecture, develop & challenge project risk assessment process.
- Perform continuous and independent assessments (adequacy) of process to include; Requirements, Secure Design and Development, Test (QA) and Deploy (Change Management).
- Ensures the business is adhering to risk management frameworks.
- Performs quality assurance activities, risk assessments, effective challenges, training, and communications.
- Monitors and tracks issues and reports.
- Provide second line technology risk oversight for emerging technologies to address technology risk.
- Contribute to analyzing technology risks, metrics models, and performance indicators.
- Ability to provide effective leadership and subject matter expertise in Technology Risk topics to senior management, technology and business partners
- Employ influencing skills to obtain buy-in and participation from various groups and stakeholders without direct control
- Build and maintain collaborative relationships with partners, clients, and peers
- Ability to communicate effectively at different levels of the organization, and with various technical and business audiences
- Excellent problem solving abilities and analytical skills. Ability to see the big picture with high attention to critical details
- Results oriented, is able to achieve timely desired outcomes independently and at appropriate priority levels
Education/Experience::
- Bachelor’s degree in Engineering, Statistics, Information Technology, Mathematics or Business.
- 4+ years’ experience in Technology, Financial Services, Risk Management, System Auditor or related field.
- In Lieu of degree 8+ years in Risk Management, Financial Services, Process Improvement, Information Technology, Audit or related.
Preferred Qualifications If we had our say, we'd also look for:
- Master's Degree in IT, Risk Management, Business, Finance, Engineering, or related field \
- 10+ years of experience in Compliance, Internal Audit, Risk Management, Financial Services, Process Improvement, or related field, including people management
- In lieu of a degree, 15+ years of experience in Risk Management, Financial Services, Process Improvement, Information Technology, Audit, or related field, including people management CSSLP - Certified Secure Software Lifecycle, Professional CRISC, CGEIT, CI.
- Sound understanding of Technology and it’s management lifecycle
- SA, CISM, CISSP, or similar Preferred. BSIMM (Building Security in Maturity Model) Project Management Professional
- Good understanding of Technology and risk constructs aligned to COBIT framework including but not limited to Enterprise Architecture, Cloud deployment models and associated security risks
- Knowledge of technology risk programs and process including, but not limited to, Audit reviews, Risk assessment, SDLC, and Incident Management
- BSIMM (Building Security in Maturity Model) Project Management Professional
#LI-DK1
#Remote
#BI-Remot
What are you waiting for? Apply today!
The same way we treat our employees is how we treat all applicants – with respect. Discover Financial Services is an equal opportunity employer (EEO is the law). We thrive on diversity & inclusion. You will be treated fairly throughout our recruiting process and without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status in consideration for a career at Discover.