TRM is a second line of defense (2LOD) function, reporting to the Chief Risk Officer of BNY, that provides oversight and challenge to the company’s Technology organization and related Line of businesses . The goal of TRM is to make sure that technology, cyber / information security, resiliency, data and technology infrastructure risks are clearly understood by the first line of defense (1LOD), transparently reported through governance and managed within the defined risk appetite and risk management framework.

• Provide oversight and challenge across the 1st Line of defense and assess Technology Infrastructure and IT Shared Services Risk.
• Act as a thought leader and apply understanding of controls and area for improvement to anticipate technology risks inherent to the assigned areas of technology.
• Leads the assessment, monitoring and reporting on technology risks inherent to business activities, including infrastructure and development lifecycle risk concepts.
• When needed, extend support to team members on different types of risk assessments and metrics oversight in the infrastructure space.
• Prepare or participate in the preparation of executive level reports for regulators and senior stakeholders
• Applies influence to ensure the availability of technology risk input requirements, to build consensus on risk mitigation and remediation strategies among global and/or regional stakeholder groups.
• No direct reports, provide guidance to more junior team members and assigns tasks, as needed.

• Bachelor‘s degree or the equivalent combination of education and experience is preferred.
• 8 to 10 years of work experience preferred, in the financial services industry is a plus.
• Experience in supporting or working on regulatory engagements preferred
• Technical understanding of infrastructure and lifecycle development related domains is a plus.
• Relevant industry certification is a plus. (AWS/Azure/GCP, CCSA, CRISC, CISSP, CISM, CISA, etc.)
• Demonstrated expertise in running risk assessments and reporting processes, understanding what is appropriate and aligns with Technology Risk and ability to drive best practices into the wider organization.
• Strong communication skills to articulate risk related topics clearly across stakeholders.
• Ability to take ownership of projects and drive them forward in a collaborative manner.