SF Operational Risk - Risk Management - Principal (Flexible Hybrid)

the enterprise and recommend updates and changes.

• Recommend changes and updates to management about processes to reduce risk
• Collaborate with management to make recommendations on resolutions and control guidelines.
• Partner with management to develop business strategies and make decisions that will drive success in the face of shifting consumer behaviors and regulations.
• Partner with first and second lines of defense and other peer risk teams to understand the landscape of risk for SF across the various risk types listed above, develop approach to gathering appropriate data and information and communicating to the SFOR Business Risk teams as well as to the SF business unit as appropriate.
• Act as SME for the various risk types for SFOR and SF and educate the team and business to bring them along on the journey.

Qualifications
THE EXPERIENCE YOU BRING TO THE TEAM
Minimum Required Experiences

• 8 years

Desired Experiences

• Bachelor's degree in Computer Science, Information Technology, Information Systems, Risk Management, or related field.
• Technical Certifications a plus: Certified Cloud Security Professional (CCSP), CompTIA Cloud+, (Cisco Certified Network Professional) CCNP, AWS Certified Solutions Architect, Microsoft Certified Azure Developer or Engineer, Google Professional Cloud Network Engineer
• Risk Management and/or Operational Risk Certifications a plus (e.g. American Business Association certifications, Risk Management Professional)
• Must have strong, proven experience specifically in Technology/Information Security/Cyber Risk Management/Cloud background, Data Risk Management, 3rd party risk management (including experience in 4th party risk management) and/or Model Risk Management
• Working knowledge of technology risk, 3rd party risk and model risk management frameworks, methodologies, and standards, such as COBIT, ISO 27001, NIST, etc.
• Experience working in first and/or second line risk organizations in support of Technology/IS, Data, Third Party and/or Model risk programs.

Skills

• Risk framework development and understanding including identifying risks, evaluating, designing and documenting controls, conducting impact assessments, identifying control gaps, remediating risk, audits, regulatory exams, etc.
• Skilled in creating visual concepts, creating content, and editing content by hand or with the help with computer software to communicate ideas
• Working with people with different functional expertise respectfully and cooperatively to work toward a common goal
• Framework and governance development including designing and establishing frameworks, developing roadmaps, translating into needs of the team and business, etc.
• Skilled in presenting information and/or ideas to an audience in a way that is engaging and easy to understand, specifically to Executive and Senior Leadership
• Influencing including negotiating, persuading others, facilitating meetings, and resolving conflict
• Relationship Management including managing and engaging stakeholders, customers, vendors, and building relationship networks
• Experience helping an organization to plan and manage change in effort to meet strategic objectives
• Adept at managing project plans, resources, and people to ensure successful project completion
• Experience identifying and selecting strategic options, and identifying resources to meet the defined objectives

Tools

• Experience using Risk Works
• Skilled in InfoPath
• Experience using SharePoint
• Skilled in Tableau
• Skilled in MS Office Tools
• Experience using Fusion Risk Management
• Skilled in Plan It for scheduling
• Skilled in Microsoft Teams
• Skilled in Visio