EIS Operational and Technology Risk Program: Business Continuity Management Risk Officer
The responsibilities for this position include the administration of the Risk Management program in Enterprise Information Services (EIS), focusing on ensuring that Technology and Operations within EIS operate in accordance with the Enterprise Risk Appetite.
This role will provide leadership in working with the Head of Business Continuity Management to identify, monitor, mitigate, and report on all aspects of Operational Risk. This position will have specific accountability for Operational Risk Management within Business Continuity Management (BCM).
As such, it will drive risk administration and oversight consistent with the enterprise risk framework and SunTrust Audit Services (SAS). This position exercises responsibility through direct action, delegation and influence at the senior management level.
In addition, the responsibilities include:
- Partnering with the Technology Risk Framework Leader to build out and deploy Business Continuity Oversight activities.
- Provide oversight to BCM policy, standards and practices to enable effective business continuity risk oversight and governance.
- Oversight, monitoring and support of authoritative business continuity / disaster recovery requirements (FFIEC Regulatory Requirements, Industry Standards, Leading Practices).
- Establish/support the technology risk appetite framework and supporting business continuity metrics.
- Independently monitor and report on an aggregate portfolio view of BC/DR risks.
- Independently monitor and escalate key gaps and issues and identify emerging technology risks within the industry.
- Provide leadership and meaningful guidance and input to ensure risk is effectively monitored and managed with documented risk mitigation strategies and controls.
- Drive risk dialogue, debate, and escalation at the Business Continuity Management Leadership Team level with escalation to the Head of EIS Production Services and onward to the EIS Risk Management Committee (RMC) based on Key Risk Indicators (KRIs), emerging risks / trends, and thematic analysis of issues.
- Coordination of control and operational reviews performed by third parties such as the Federal Reserve and external auditors.
- Will assist the leadership team with preparing for and responding to external examinations.
- Partnering with Compliance to interpret regulatory requirements and their applicability to existing and proposed business activities.
- Fostering relationship building by using strong subject matter expertise, excellent communication skills, interpersonal skills and exhibiting the flexibility/adaptability to work in a matrix management environment.
- Supporting the development of operational risk management and compliance communications to Senior Executives and Risk Committees.

Qualifications
- Bachelor’s degree in a related field.
- 8-10 years related work experience.
- Experience operating in a risk capacity at a financial institution.
- Functional expertise in business continuity / disaster recovery.
- Strategic management skillset with the ability to quickly pivot from strategic consultant role to execution/implementation advisor.
- Demonstrated comfort with technology including knowledge of Enterprise IT.
- Consulting and/or management experience.
- Evidence of taking on larger responsibilities and/or more senior roles.
- Resourceful and research savvy.
- Exceptional problem-solving ability: excels at solving problems that require logical reasoning, creative thinking, comfort with numbers and the ability to untangle complex issues.
- Strong quantitative background.
- Executive level communications and presentation skills.
- Strong relationship management skills.
- Demonstrated formal and informal leadership skills: frequently takes initiative and is eager to break new ground.
- Comfortable working in matrix environment.
- Experience in the financial services industry (Big 4 experience would be a plus).
- Business Continuity / Disaster Recovery expertise desired.
- Familiarity with Federal Regulations (FFIEC) that impact Business Continuity.
- Certification in BCM desired.
- Broad familiarity with information technology with specific emphasis on business continuity / disaster recovery as well as application architecture and resiliency patterns, dependency mapping and cloud resiliency (DRaaS).
- Good grasp of best practices, regulatory, and compliance issues related to IT Risk
- Excellent relationship management skills.
- Consultative approach, effective in building productive, trusted relationships and in fostering an open, engaged and inclusive dialogue with business and risk partners
- Presence, poise and executive stature
- Excellent communication and presentation skills.
- Ability to distill and convey complex topics both orally and in writing.
- Good influence skills.
- Ability to articulate risks, tradeoffs, and recommend course of action clearly and compellingly
- Intelligence, energy and spirit
Equal Opportunity Employer: SunTrust supports a diverse workforce and is a Drug Testing and Equal Opportunity Employer. SunTrust does not discriminate against individuals on the basis of race, creed, color, gender, religion, national origin
To review the EEO Poster, copy and paste the following link into your browser: http://www1.eeoc.gov/employers/upload/eeoc_self_print_poster.pdf http://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf