SMD Information Risk Mgmt
Webster Bank

Job Info

---

Job Description

If you're looking for a meaningful career, you'll find it here at Webster. Founded in 1935, our focus has always been to put people first--doing whatever we can to help individuals, families, businesses and our colleagues achieve their financial goals. As a leading commercial bank, we remain passionate about serving our clients and supporting our communities. Integrity, Collaboration, Accountability, Agility, Respect, Excellence are Webster's values, these set us apart as a bank and as an employer.

Come join our team where you can expand your career potential, benefit from our robust development opportunities, and enjoy meaningful work!

The Head of 2nd line Information Risk helps the bank ensure that Information risks and controls are effectively managed, by establishing the Info risk management framework and policies, developing and overseeing the effective execution of risk management programs and providing effective challenge to the First Line. The leader chairs the Information Risk Committee and is a member of the Enterprise Risk Management Committee and a recurring participant in the Risk Committee of the Board. This position reports to the Executive Managing Director of Operational and Information Risk.

• The candidate will be part of the 2nd line of defense Information Risk Management team responsible for managing risk frameworks, appetite and policies, and providing independent oversight, review and credible challenge of risk management activities.
  
• This role will report to the Head of Operation Risk Management.
  
• The individual will work in concert with the operation risk management team, including the third-party risk management team, to ensure closure coordination, integration, transparency and awareness of information risks across all risk management programs.
  
• Provides 2nd Line risk oversight of the Information Risk Management Program and provides direct 2nd Line support for the Information Technology Management Programs, including policies/standards/procedures, strategies, material risks, risk reporting routines and metrics.
  
• Provide independent credible review and challenge of 1st Line Risk and Control Self-Assessments, including process mapping, identification and assessment of risk, identification of controls, and assessments of control design and effectiveness.
  
• Chair the Information Risk Committee in partnership with the Information Risk FLCO, member of the Enterprise Risk Committee, and regular contributor to the Risk Committee of the Board.
  
• Independently serves as a trusted partner and risk advisor to key stakeholders and business partners across all lines of defense.
  
• Provide direct support for regulatory exams and interactions, including risk remediation activities.
  
• Oversee and opine on policy exceptions and risk acceptances within the risk governance framework, ensuring appropriateness and periodic review.
  
• Provide support and guidance to development and maintenance of control inventories.
  
• Establish and execute 2nd line testing protocols and provide independent review and challenge of front-line testing results.
  
• Maintains overall Webster Technology process taxonomy.
  
• Supports the integration with the central GRC platform.
  
• Point of escalation non-compliance to policies and standards. Monitor the status of Info Risk issues to ensure timely resolution and to identify key thematic issues.
  
• In partnership with legal and compliance, monitor for new legal requirements and communicate as required. Monitor progress toward implementation.
  
• Positively contribute to the risk culture and overall awareness of information risk and contribute to the creation and delivery of information risk management training.
  

Experience:

• 15+ years of experience in Risk or Audit functions in a banking environment.
  
• 10 years of experience in leadership and IT project management.
  
• Managing and synthesis of complex and potentially conflicting data into simple, actionable reporting.
  
• Strong familiarity with technology, and an aptitude for learning emerging technologies and how regulatory requirements may evolve.
  
• Strong written and verbal communication skills - ability to collaborate and communicate up/down and across the organization with internal/external partners.
  
• Ability to plainly describe risk concepts to first line operational personnel.
  
• Ability to resolve conflicting opinions without compromising high quality risk management.
  
• CISA, CRISC or CISSP desired.
  

The estimated salary range for this position is $220,000 USD to $235,000 USD. Actual salary may vary up or down depending on job-related factors which may include knowledge, skills, experience, and location. In addition, this position is eligible for incentive compensation..

#LI-JW1

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

This job has expired.