Reach Your Peak with ICMA-RC, a FINANCIAL SERVICES LEADER in public sector employee retirement products and services. Headquartered in Washington, DC, our Financial Services corporation administers over $50 billion in retirement plan assets for more than one million participant accounts. We are constantly looking for ways to create new opportunities to serve our participants. We have an extraordinary talent base and invite you to consider joining ICMA-RC's Information Technology Team.
The Director of Technology Risk Management leads the internal Technology Risk Management team and is responsible for the reliability and effectiveness of the risk control framework for the Technology and Innovation division. The Director participates with other senior managers to establish the risk framework, educate others on risk awareness and mitigation, and seek continuous improvement in the maturity level of the management of risk. In addition, the Director establishes plans for operational processing of risk-related items, coordinates interactions between the division and various auditors (internal and external), provides risk support to Enterprise Security, supports the IT efforts for the SOC1 and SOC2 attestation processes to promote a successful conclusion, partners with the Enterprise Risk Management Group in creating risk awareness, and provides appropriate status reporting that is consumed across all levels of the company.
The Director must be a highly motivated individual with advanced problem-solving and communication skills and exceptional attention to detail, who is engaged and deeply interested in the identification and management of risk in Technology.
Essential functions for this role include:
Collaborate with stakeholders to create a size-appropriate Technology Risk Control Framework that facilitates understanding of risks and provides identification and mitigation strategies across the division. A process of education and continued governance must be developed and implemented.
Lead, motivate and develop a highly functioning team of risk management experts that can interpret regulations, understand the changing landscape of risks, provide thought leadership on risk topics and determine and recommend improvements to risk management controls. Accuracy and completeness in all tasks are required.
Also has a dotted line reporting relationship to the Chief Enterprise Risk Officer, where duties include participation in the Division Risk Leader Group coordinated by Enterprise Risk Management (“ERM”) and support of their efforts in obtaining successful SOC1 and SOC2 compliance with respect to controls resident in the Division. Support of the ERM risk assessment process is required.
Provide operational support for risk assessments. Maintain the division policies and coordinate revisions and timely review. Implement a “continuous improvement” process and mindset across the team.
Provide guidance, support and tracking for audits and audit findings that require remediation. Ensure deadlines are met. Provide proactive validation of compliance with common audit areas.
Communicate status and updates to senior stakeholders across ICMA-RC. Support senior leadership in the preparation of material for key management meetings.
Other duties as assigned.
For your well-being, we offer a solid compensation and benefits package that features a competitive salary, a straightforward incentive plan that rewards results, and a 401(k) Plan. For your career, we offer tuition reimbursement, professional development courses, seminars, career enrichment assignments, mentoring programs and a record of enterprise growth that creates continuing opportunities for career advancement. Consider ICMA-RC, and respond in strictest confidence. ICMA-RC is an Equal Opportunity Employer that values diversity in the workplace. Minorities and women are encouraged to apply. We look forward to hearing from you.
If you have the following credentials, we encourage you to apply:
BA/BS or equivalent experience (Computer Science, Math, Finance, or Economics)
10+ years of experience with Technology Risk Management, with at least five years of audit experience with an audit firm. Experience in a financial services firm is a plus.
5-7 years of overall supervisory/management experience
Certifications required: Either:
CISA - Certified Information Systems Auditor and CISM - Certified Information Security Manager OR
CPA - Certified Public Accountant and CITP - Certified Information Technology Professional OR
CISSP - Certified Information Systems Security Professional and CFE - Certified Fraud Examiner
Audit experience with technology used in Financial Services firms.
Excellent written and verbal communication skills, interpersonal and collaborative skills. Ability to communicate to technical and non-technical audiences.
Experience leading cross-functional, inter-disciplinary teams to achieve tactical and strategic goals
Experience with successfully managing projects, audits, outside vendors, and consultants
Experience with at least one of the common risk frameworks (COBIT, NIST, etc.)
Experience with the operational aspects of risk management.
Exceptional problem-solving abilities, that is, the ability to understand a problem, and then propose and implement workable solutions
Employer will assist with relocation costs.
Founded in 1972, ICMA-RC is a non-profit independent financial services corporation focused on providing retirement plans and related services for more than one million public sector participant accounts and approximately 9,000 retirement plans.
Our mission is to help build retirement security for public employees. We deliver on our mission by focusing on service, quality and value. All of our retirement programs, administrative services and educational tools have been developed specifically for public sector retirement plan administrators and participants.