Information Risk - IC3 ensures internal controls related to information risk management are sound and effective and drives the implementation of new controls.
Assigned business/business partner areas are typically medium to large in size and moderately complex.
Incumbents demonstrate a breadth of knowledge of information risk management best practices and a thorough understanding of control and risk management concepts.
Recognized as the information risk point of contact and subject matter expert within the assigned business/business partner areas.
Assists more senior team members and management with governance, prioritization and execution of information risk programs within the business/business partner area.
Contributes to the establishment of risk strategy for the business/business partner area and is responsible for ensuring the implementation of that strategy.
Leverages risk control techniques to achieve business objectives.
Contributes to the development and sustention of a risk-aware culture and mindset among employees, contractors and service providers.
Addresses risk-awareness issues with contractors and temps to ensure they reach an appropriate level of awareness of security issues and their responsibilities.
Enforces and communicates risk related policies, practices and guidelines.
Leads or co-leads the execution and delivery of business information risk management initiatives specific to a business/business partner area.
Contributes to reducing the likelihood of negative reputational and regulatory due to non-compliance with the Banks information risk management policies and standards, including local procedures specific to the assigned business/business partner areas.
Begins to build strategic relationships to influence at all levels of the organization.
Liaises with other business units, operations, technology, legal and compliance staff.
Collaborates with other stakeholders to develop and implement consensual decisions.
As necessary, partners with business continuity coordinators to develop disaster test scenarios and methods for managing the resulting hypothetical issues. Supervises, motivates and guides more junior Information Risk roles.
No direct reports.
Provides technical advice/guidance to less experienced Information Risk roles as needed.
Responsibilities are primarily limited to assignedbusiness/business partner areas. However, tasks may produce cross-regionalimpacts.
Bachelor's degree or the equivalent combination of education and experience is required.
5-7 years of experience in information risk preferred.
Experience in financial services is preferred.
Certified Information Security Management (CISM) or Certified Information Systems Auditor (CISA) security certification preferred.
BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer. Minorities/Females/Individuals With Disabilities/Protected Veterans. Our ambition is to build the best global team - one that is representative and inclusive of the diverse talent, clients and communities we work with and serve - and to empower our team to do their best work. We support wellbeing and a balanced life, and offer a range of family-friendly, inclusive employment policies and employee forums.
Primary Location: United States-New York-New York Internal Jobcode: 70345 Job: Asset Management Organization: IM Infrastructure-HR14826 Requisition Number: 2001030