Assistant Vice President, Risk Governance and Reporting (Patch Vulnerability & Technology Risk)

Company: Navy Federal Credit Union
Location: Vienna
Posted on: May 3, 2024

Job Description:

OverviewThe Assistant Vice President for ETS Risk Governance and Reporting is a direct report to the Vice President of Risk for Navy Federals Information Technology Department. The position supports the broader Enterprise Technology Services (ETS) Risk mission to effectively manage risks, compliance and facilitate informed decision making by building an agile capability responsible for risk reporting, strategy and planning, and risk culture development.ResponsibilitiesRisk Reporting and IntelligenceCoordinate through ETS Enterprise Technology Business Services and Enterprise Risk Management (ERM) to define and develop risk reporting and metrics to include Key Risk Indicators (KRIs) for Information Technology department.Coordinate through ETS Enterprise Technology Business Services and to define and develop division-level performance metrics such as Objectives and Key Results (OKRs) and Key Performance Indicators (KPIs).Manage scheduled and ad-hoc risk reporting and presentations for executive and technology leaders to include Board, Committees, Sub-Committees, and monthly risk forums.Maintain a catalog of technology risk data, reports and dashboards that can be tailored for varying audiences (board, executives, technology leaders) to support scheduled and ad-hoc requests.Define and execute risk data aggregation methodology to support reporting requirements and identify top technology risks to the organization and analyze risk data to identify trends and insights.Drive the risk analytics and reporting program to higher levels of maturity with a focus on automation of data collection and dashboard creation.Define risk data management (in include data quality) and reporting requirements as well as develop risk reporting procedures.Planning and StrategyCollaborate to establish goals, standards, and strategies for ETS Risk in alignment with enterprise and departmental objectives to include annual goals and a multi-year roadmap.Management of the division backlog of work projects and initiatives to include prioritization.Management of the division mission, vision, and value statements.Oversee the preparation and execution of Annual Financial Planning for the division.Development and management of Department-level calendar of audit, risk assessment and controls testing activity.Coordinate through ETS's Talent Development & Communications group to develop, manage, and execute on a talent development strategy.Risk CultureCoordinate through ETSs Talent Development & Communications group to develop, manage, and orchestrate risk management-related training and communication campaigns.AdministrativeMonitoring and tracking of second line-of-defense obligations to include Risk & Control Self-Assessments (RCSAs), Business Impact Assessments (BIAs), controls testing, issues reporting and reporting of compliance issues and risks.Management of the ETS Risk Service Catalog and Operating Model to include tracking and management of interaction models for the various ETS functional areas.Management of ETS updates to the ERM Technology PRC (Process, Risk, Control) Taxonomy.Oversee knowledge management for the division.Perform supervisory/managerial responsibilities.Perform other duties as assigned.QualificationsBachelor's degree in a relevant field, or the equivalent combination of education, training and/or experience.Significant, proven experience defining key measurements that will drive visibility, accountability, quality and overall IT/Security effectiveness.Significant, proven experience with developing Key Risk Indicators (KRIs), Key Performance Indictors (KPIs), and Objectives & Key Results (OKRs)Experience in risk management, reporting and analytics, strategic planning, and management of personnel.Ability to own, maintain interactions with diverse sources of data to include databases, connectors, feeds, APIs and other systems that can provide data towards reporting and metrics.Working knowledge of at least one industry-leading risk management framework(e.g. OCTAVE, COBIT etc.)Advanced knowledge of information technology and information security concepts, principles, capabilities, and methods, and translating best practices to operations in a risk management framework.Advanced knowledge of information technology process, risks, and controlsStrong proficiency in Microsoft Office applications.Proficiency with Splunk, ServiceNow and Azure DevOps.Strong presentation skills and the ability to adjust message and filter details based on audience(e.g. technical, business, management).Ability to work individually, and as part of a team.Strong written and oral communication skills.Advanced organizational, planning and time management skills.Advanced research, analytical, and problem-solving skills.Advanced skill developing and implementing programs in a leadership role.Advanced skill building effective relationships with all levels of staff, management, stakeholders, and vendors, through rapport, trust, diplomacy, and tact.Significant experience collaborating across organizational boundaries and building partnerships across functions.Advanced skill to influence, negotiate and persuade to reach agreeable exchange and positive outcomes.Advanced skill exercising initiative and using good judgment to make sound decisions.Advanced verbal, written, interpersonal, and presentation skills to communicate clearly and concisely technical and non-technical information to all levels of management.Experience working with internal audit and external examiners.Working knowledge of NCUA and FFIEC regulations, GLBA, PCI, and other information systems requirements and frameworks.Hours: Monday - Friday, 8:00AM - 4:30PMLocation: 820 Follin Lane, Vienna, VA 22180 - 5550 Heritage Oaks Dr. Pensacola, FL 32526Working Conditions: Minimum three days-a-week in the office at Vienna, VA or Pensacola, FL (occasional travel between these locations is required)About UsYou have goals, dreams, hobbies, and things you're passionate aboutwhat's important to you is important to us. We're looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to themfriends, family, and passions. And we're looking for team members who are passionate about our missionmaking a difference in military members' and their families' lives. Together, we can make it happen. Don't take our word for it: Military Times 2022 Best for Vets Employers WayUp Top 100 Internship Programs Forbes 2022 The Best Employers for New Grads Fortune Best Workplaces for Women Fortune 100 Best Companies to Work For Computerworld Best Places to Work in IT Ripplematch Campus Forward Award - Excellence in Early Career Hiring Fortune Best Place to Work for Financial and Insurance ServicesEqual Employment Opportunity: Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability EOE/AA/M/F/Veteran/DisabilityDisclaimers: Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position. Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring teams discretion based on qualified applicant volume. Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market positionBank Secrecy Act: Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.by Jobble

Keywords: Navy Federal Credit Union, Richmond , Assistant Vice President, Risk Governance and Reporting (Patch Vulnerability & Technology Risk), Executive , Vienna, Virginia