Director, Information Technology Risk
436 Slater Road-HF308
If you're looking for a meaningful career, you'll find it here at Webster. Founded in 1935 by Harold Webster Smith, our focus has always been to put people first--doing whatever we can to help individuals, families and businesses achieve their financial goals. And while we've grown into a leading commercial bank, we remain passionate about serving our customers, supporting our communities, and making a difference in people's lives. We can make a difference in your life, too. By empowering you to build the meaningful career you've been looking for.
Responsibility, respect, trust, teamwork and citizenship are the values on which Webster was founded. Together we call them The Webster Way, and they are what set us apart as a bank and an employer. Guided by these values, we put people first - working hard to live up to our customers, and each other, every day.
Manage the Risk function for Webster Technology. Identify and mitigate all risks associated with Webster Technology to include Operational, Information Technology, Information Security, Strategic, Compliance and Reputation.
- Implement and execute the Enterprise Risk Management framework for Webster Technology.
- Establish necessary policies and associated standards for Information Technology Risk. Collaborate with the CISO for Information Security and Business Continuity policies.
- In collaboration with IT process owners, lead the identification of material risks associated with Webster Technology activities, and the establishment of necessary operating procedures and technical standards to mitigate these risks and comply with policies and standards.
- Coach process owners on control design, self-assessment processes, control testing, and identifying KPIs and KRIs. Maintain overall Webster Technology process taxonomy. Lead the integration with the central GRC platform.
- Lead the organization to adapt risk and audit processes and practices to align to an agile operating model.
- Assist in defining enterprise wide risk appetite for appropriate risk types.
- Manage all policy exceptions and risk acceptances within the risk governance framework, ensuring appropriateness and periodic review.
- Lead the development of integrated and automated Webster Technology risk reporting processes to enable firm-wide aggregation of material risks, issues, KRIs and other data as may be required. Report on a regular basis through appropriate committees.
- Single point of escalation to the second line for non-compliance to policies and standards. Monitor the status of issues owned by Webster Technology to ensure timely resolution.
- In partnership with legal and compliance, monitor for new legal requirements and communicate across Webster Technology as required. Monitor progress toward implementation.
- In collaboration with the second line, monitor for new regulatory guidance associated with Webster Technology activities.
- Oversee all regulatory exams in Webster Technology. Ensure process owners maintain appropriate documentation such that Webster Technology is always exam ready.
- Collaborate with enterprise risk management and legal to document management responses to regulatory exam findings.
- 15+ years of experience in Risk or Audit functions in a banking environment.
- Ability to plainly describe risk concepts to first line operational personnel.
- Synthesis of complex and potentially conflicting data into simple, actionable reporting.
- Strong familiarity with technology, and an aptitude for learning emerging technologies and how regulatory requirements may evolve.
- Strong written and verbal communication skills -- ability to collaborate and communicate up/down and across the organization with internal/external partners.
- Ability to resolve conflicting opinions without compromising high quality risk management.
- CISA or CISSP desired.
Job Reference #: 5000415696406