Job Description Clearing, Markets & Issuer Services Technology (CMIST)
is responsible for application development and support for critical business systems including Repo Edge (collateral management), Enterprise Payment Hub (multi-currency payment processing), and Broker Dealer Clearance (securities clearing), along with approximately 350 other applications used by the following high-priority business services and their clients.
TheCMIST Centers of Excellence
govern best practices across the organization. Supporting functions include financial planning, portfolio / program / project management, technology risk management, as well as communications and employee engagement. The teams also provide strategic guidance for enterprise technology programs for application resiliency and infrastructure modernization. In addition, the COEs are responsible for production application administration and incident management, as well as mainframe development and quality engineering standards.
As a member of the Clearing, Markets and Issuer Services Technology (CMIST) Risk & Compliance Team, this role is responsible for setting the strategy for identifying, analyzing, monitoring, reporting, and minimizing information technology risks within their assigned portfolio. As a senior member of the CMIS Technology Risk team, this role will be responsible for defining, documenting and communicating standardized and proactive processes for technology risk identification, treatment, monitoring and reporting. Supports the assigned line of business in gathering information and preparing for all tech risk related reporting and meetings, i.e. internal and external audit, regulatory interaction, as well as the Key Risk Review and related meetings. Collaborates with the assigned Application managers to ensure tracking and timely remediation of risks is occurring. Supports the Risk and Control Self-Assessment (RCSA) and High Level Assessment (HLA) processes for the assigned portfolio within CMIST. Coordinates the issue and exception/acceptance processes, including self-reported issues. Provides consultative guidance on the prioritization of remediation efforts and supports new initiatives by implementing a "baked-in" automated control measurement and monitoring.
The position represents and facilitates the work of the Technology Risk and Control group areas: Risk Framework, Risk Identification and Treatment, Risk Reporting and Intelligence, Regulatory Relations and Exams, Risk Advisory, and Risk Automation. Provides guidance and collaborations with the IT Risk Analyst and team leads within the CMIST Risk Management team to ensure that processes for risk management are applied consistently throughout CMIST. Ensures that risk mitigation from policy to the Unified Control Framework is adhered to. Participates in setting the standards and practices for risk management and compliance monitoring within CMIST. Supports strategic initiatives as agreed upon by the Head of CMIST Risk & Control and the LOB CIO.
Group Manager, IT Risk Management->> Manages a medium to large-sized or multiple small teams responsible for identifying, analyzing, monitoring, and minimizing areas of risk that pertain to information technology. Ensures coordination of all matters with disaster recovery and data security teams. Directs and oversees the preparation of risk reports for review by multiple business areas and CTS management. Leads and contributes to policies for documenting existing control procedures. Analyzes documentation for evidence of successful and efficient performance. Manages complex projects that involve working with the businesses to improve controls to mitigate any deficiencies. Ensures controls meet regulatory and organization standards. Uses in-depth knowledge of information technology and market trends to determine potential risks to the organization. Manages analysis and draws conclusions in order to recommend and direct any resulting change needed to mitigate risk. Recruits, directs, motivates and develops staff, maximizing their individual contribution, their professional growth and their ability to function effectively with their colleagues as a team. Manages one or more risk management teams. Contributes to the achievement of team objectives.Qualifications
BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer.
- Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred.
- 10+ years of related experience required - mixed experience in application development, computer architecture, and technology/information risk, assurance or advisory required.
- Supervisory or management experience required.
- Communication skills must range from participation in detailed technical discussions to business-oriented presentations to working closely with senior management.
- Experience in the securities or financial services industry is a plus.
- CISA, CISSP or CRISC and ISACA certifications preferred.
Minorities/Females/Individuals With Disabilities/Protected Veterans.Our ambition is to build the best global team - one that is representative and inclusive of the diverse talent, clients and communities we work with and serve - and to empower our team to do their best work. We support wellbeing and a balanced life, and offer a range of family-friendly, inclusive employment policies and employee forums.Primary Location:
United States-New Jersey-Jersey CityInternal Jobcode:
Clearing Markets ISS Svcs Tech-HR16624Requisition Number: