Job purpose
Seeking an experienced Associate-level professional to join our Capital Markets Governance and Controls function. This role supports enterprise technology governance by overseeing vulnerability management activities, coordinating architecture reviews, supporting risk and compliance processes, tracking and enforcing IT controls, and enabling clear communication across technology, risk, and business stakeholders.
This is a key role in ensuring IT initiatives align with established firm policies, standards, and control processes, while supporting transparency, efficiency, and timely decision making in a manner that benefits our aligned business units.
This is an excellent opportunity for a detail-oriented, analytically minded individual who is interested in technology, governance, risk management, and cross functional collaboration within a global financial services environment.
Key responsibilities
- Oversee and assess the effectiveness of IT control activities executed by application and service owners, and coordinate remediation efforts for identified issues or control gaps.
- Coordinate technology governance reviews through defined processes and approvals. This will focus on vulnerability management and technology architecture governance review processes with the opportunity for expansion into other IT control domains.
- Support governance documentation, review artefacts, and update/prepare status reporting to ensure completeness, accuracy, and timeliness.
- Partner with technology, risk, security, and business teams to gather information, clarify requirements, and track delivery and corresponding dependencies.
- Track and communicate overall compliance and maturity of various IT programs, including but not limited to application onboarding, security and architecture reviews, and vulnerability management, ensuring complete and timely reporting on program status to senior management stakeholders.
- Assist with the monitoring and reporting of governance metrics, workload status, and approval timelines.
- Maintain and improve governance documentation, templates, and process materials.
- Support risk related workflows, such as exceptions, approvals, renewals, and decommissioning activities.
- Contribute to process improvement efforts by identifying opportunities and taking action to enhance coordination, tooling, reporting, and documentation.
- Work with fellow members of the CMNK IT Governance & Controls team to analyze data, aid in report scheduling, completing ad hoc requests, and taking part in IT control reviews and control gap remediation.
Key competencies
- 5+ years of information technology governance, audit, and/or risk experience, preferably in banking, finance, or another highly regulated industry.
- Strong knowledge of IT governance and controls and applying that knowledge to perform risk assessments/analysis, audits, control reviews, or other form of maturity/compliance review.
- Strong knowledge of IT processes and controls, including vulnerability management, system development lifecycle, identity and access management, application support, project management, vendor management, and ability to identify critical paths and issues.
- Excellent skills working with the Microsoft suite of applications, including MS Excel, MS Project, MS Word, MS Power Point, MS Teams, & MS SharePoint.
- Proficient understanding and experience utilizing JIRA, Confluence, and PowerBI (or similar project management, collaboration, and automation tools) for managing work efforts and reporting.
- Excellent communication/presentation skills (written and oral) in cross-cultural business environment.
- Strong analytical skills with the ability to identify, document, and communicate risks or issues clearly as well as be discrete when handling confidential information.
- Strong work ethic with focus on meeting deadlines and objectives.
- Must be highly energetic, detail-orientated, proactive, and be able to prioritize when dealing with multiple assignments.
Education
- Bachelor’s/Master’s in Computer Science or equivalent experience.
