Position Summary

The Principal Embedded Risk Manager (ERM) specializes in serving as a central point of contact and liaison aligned with IT that drives completion of, and adherence to, risk and control commitments, obligations, and requirements for their aligned departments; and is responsible for assisting stakeholders with the identification and timely remediation of risk. They are a top-level contributor that acts independently with minimal direction. The ERM’s ability to form strong relationships and communicate with a breadth and variety of management resources is critical. Attention to detail and strong time management skills are also required, along with juggling competing priorities.

Specific Responsibilities

• Follow the DTCC processes and methodologies for risk management
• Learn to effectively use the tools required for risk management  such as PDMS / MetricStream / Archer
• Comply with existing risk and control commitments and requirements
• Effectively Liaison between and across the cost centers composing Enterprise Production Assurance (EPA) and IT Resiliency and Data Center (ITR&DC) and the following control functions:
• Internal Audit Department
• Technical Risk Management
• Operational Risk Management
• Regulators / Regulatory Relations
•  IT Risk Community of Excellence
• Management Control Testing
• Drive successful and timely completion of commitments and requirements
• Issues and Actions
• TRM network and app pen test findings, FOSS findings
• Risk acceptances and policy deviations
• PDMS Policy and Procedures document reviews
• Provide guidance and become trusted resource between stakeholders and control functions
• Assist with thoughtfully articulating issues and remediation plans, driving timely submissions to control functions
• Assist EPA and ITR&DC teams in tracking audit deliverables and facilitating management’s timely response to requests
• Track audit actions against defined delivery dates and assist with development of retarget plans as necessary
• Protect stakeholders by identifying control adherence/design effectiveness gaps as first line of defense
• Conduct proactive Continuous Improvement Questionnaire (CIQ) to identify MSIs, policy deviations and risk acceptances to mitigate future control function findings
• Update Process, Risk & Control (PRC) framework proactively
• Review Key Performance Indicator (KPI) maker/checker compliance
• Effectively document meeting decisions and actions in a timely manner
• Work closely with management and stakeholders to accurately report status of audit and regulatory actions
• Collaborate effectively with the Risk Management Center of Excellence to drive the teams’ timely response to TRM, external Audit, and regulatory requests
• Enable strategic improvement of IT control environment
•  Integrate risk management into each team’s continuous improvement processes, roadmaps, and strategies
• Drive/facilitate control efforts
• Provide information and feedback to the CoE and control functions as appropriate
• Influence and support the Risk mindset of EPA & ITR and DC

Qualifications

• Minimum of 6 years of Financial Services industry related experience
• Bachelor's degree preferred with Masters or equivalent experience

Leadership Competencies

• Accountability: Accountable for independent completion of assigned work in a timely manner with advanced understanding of Risk values and objectives
• Global Collaboration: Applies global perspective when working within a team by being aware of own style and ensuring all relevant parties are involved in key team tasks and decisions. Takes advantage of both formal and informal networks to get work done.
• Communication: Influences timelines and actions and effectively negotiates on behalf of stakeholders as appropriate. Shares knowledge and expertise to help team members grow and develop.
• Influencing: Convinces others by making a strong case, bringing others along to their viewpoint; maintains strong, trusting relationships while at the same time is comfortable challenging ideas.
• Innovation and Creativity: Thinks boldly and out of the box, generates new ideas and processes, and confidently pursues challenges as new avenues of opportunity.