Working Title: Information Technology Risk Specialist
Unit: Risk, Policy and Analysis Group; Risk Specialist Team
Grades: 14 - 16
Location: San Francisco
The Financial Institution Supervision and Credit (FISC) Division at the Federal Reserve Bank of San Francisco supervises financial institutions in the 12th District. Our mission is to ensure a safe, sound, and accessible financial system. The Risk Specialist Team (RST) within the Risk, Policy and Analysis Group provides subject matter expertise to FISC’s Large Institution Supervision Group (LISG), which is responsible for monitoring and assessing the safety and soundness of large domestic banking institutions, U.S. operations of foreign banking organizations, and significant bank service providers in the District. These 12th District firms include Charles Schwab Corporation, Mitsubishi UFJ Financial Group, and Visa.
RST members also participate in supervisory activities at large banking organizations in other Districts across the Federal Reserve System (System), including a wide range of horizontal (cross-firm) reviews in areas such as cyber security, cloud computing, machine learning and artificial intelligence technologies, and operational resilience. In addition, RST members may conduct outreach activities and provide training within the supervisory community and to industry groups, as well as contribute to various System risk affinity, monitoring, and coordination groups, and the development of related supervisory strategies and examination procedures. As such, the successful candidate will closely interact with numerous individuals throughout the supervisory community and executive management of supervised firms.
The Information Technology Risk Specialist is responsible for assessing enterprise-wide information technology (IT) risks, including information security and cyber security risks, along with related IT and safety and soundness risks at the LISG firms in the 12th District and across the System. The successful candidate will report to the RST IT Team Manager.
We seek an individual who possesses significant experience in bank examinations or IT audits or control assessments with a focus on IT operations, IT risk management, and IT internal audit programs at large, complex financial institutions. Particular emphasis will be placed on candidates with experience covering areas such as information/cyber security, data center operations, IT networks, payment (processing, clearing, and settlement) systems, and business continuity planning as well as experience covering related operational risk areas, such as third party service provider risk management, risk control self-assessments, offshoring, and privacy risks.
The successful candidate will collaborate with the dedicated supervisory teams for the large institutions and other specialists to develop and execute the supervisory program, and serve as a thought leader. Responsibilities include leading and participating in firm-specific and horizontal examinations, analyzing internal reports, conducting discussions with executive management of supervised firms and other regulators (i.e., OCC and FDIC), researching relevant IT risk topics affecting the financial services industry, and advising supervisory team management of emerging IT risks and vulnerabilities.
The ability to explain complex IT issues and concepts effectively to non-IT staff and management is critical to this position, as is the ability to foster strong, collaborative working relationships with various stakeholders, including the Federal Reserve Bank of San Francisco senior management, System staff and management, and other regulators. Written and oral communications with various stakeholders must be clear and concise, focused on root-cause analysis, be conclusion-oriented, well-supported, and consistent with regulatory standards.
Duties and Responsibilities
The Information Technology Risk Specialist is expected to work in a collaborative manner with other System staff and management, and examiners from other regulatory agencies to identify and monitor emerging issues, trends, vulnerabilities, and ongoing developments in a supervised organization’s IT environment. Responsibilities include:
Maintain an advanced level of expertise in IT operations, IT risk management, IT internal audit, and regulatory developments in these areas of focus, including a strong understanding of current industry trends and practices, effective risk measurement and management practices, and emerging concerns that may impact a firm’s operational risk profile
Evaluate developments impacting a firm’s operational risk profile through in-depth analysis of internal risk management reports and interactions with bank management
Analyze key operational risk metrics that support an overall assessment of a firm’s level of operational risk and risk management practices across the firm’s enterprise IT environment
Assist in the development of supervisory strategies
Establish inclusive and collaborative working relationships with key stakeholders including other IT specialists, dedicated supervisory team members, and other regulators as a means of developing a thorough understanding of the risk profile at a firm and the effectiveness of operational risk management
Lead and participate in on-site and off-site target reviews and examinations, and continuous monitoring activities, evaluating significant IT-related risks
Ensure timely delivery of high quality supervisory work products
Communicate effectively with System staff and management on IT-related topics associated with all types of enterprise operational risks through periodic and ad hoc written and oral briefings
Must be a U.S. Citizen, U.S. National, or hold a permanent resident/green card with intent to become a U.S. Citizen
Bachelor’s degree in business, IT, operations management, or related fields of study (or equivalent work experience); advanced degrees or professional certifications with an emphasis on IT or information security (e.g., CRISC, CISM, CISA, CISSP) are highly desired
Comprehensive knowledge of, and experience evaluating, IT risks facing complex global financial institutions and prudent practices for managing those IT and related operational risks
Advanced analytical, problem solving, and project management skills
Interest and ability to work on a variety of assignments, strong learning agility, and capability to work independently with minimal supervision
Experience in IT bank examinations at a regulatory agency or IT audits at a banking organization or consulting firm is preferred
Domestic travel and overnight stays may be required depending on assignment
In addition to core technical competencies described above, the successful candidate must possess the following critical behavioral competencies (among others).
Leadership: Effectively taking responsibility for leading others by creating a supportive and empowering environment; expecting everyone to act as a leader (leading direct reports, project teams, research groups, or in any other leadership capacity).
Critical Thinking: Thinking deeply and broadly about issues and making connections among situations that are not obviously related; using that recognition to advance the organization’s strategic goals.
Collaboration: Encouraging individuals to work together within and across teams, collectively generating new ideas, problem-solving, sharing expertise, and actively supporting each other to achieve goals.
Influence: Building respect and trust, based on an understanding of interpersonal and organizational dynamics, to generate support for ideas and actions, and to persuade others.
Achievement: Identifying and working toward challenges for improvement in self, others, and the organization; aligning personal behavior with the needs, priorities, and goals of the organization.
Innovation: Demonstrating flexibility and initiative by identifying new and better ways to address a problem or opportunity; moving from reactive to proactive action, and seeking to improve the long-term effectiveness of the organization.
The Federal Reserve Bank of San Francisco is an Equal Opportunity Employer. Our people proudly reflect the diversity and ideas of the communities we serve.
Relocation expenses are negotiable.
About Federal Reserve Bank of San Francisco
We like to say we work for the Fed, not at the Fed. That’s because the SF Fed is not just another employer or government agency. Here, you have the opportunity to become part of an important public service institution whose work touches lives across the globe. The thought of economic and monetary policies may lead you to think of the Federal Reserve as solely a banking organization. Quite the contrary, as you can see, our work includes a broad range of disciplines.
BACK TO TOP
ISACA Career Centre is Just One of the Benefits.
Discover what else ISACA Membership has to offer!
The job you are trying to reach from was originally posted at ISACA Career Centre.