Help us maintain the quality of jobs posted on PowerToFly. Let us know if this job is closed.
Job Details
Experience Level: Experienced Hire Categories:
- Engineering & Technology
- 7 World Trade Center, 250 Greenwich Street, New York, New York, 10007, US
- Establish an Enterprise Risk Management framework and effective internal controls environment
- Collaborate with Moody’s Corporation IT, Information Security, and Internal Audit to demonstrate leadership and stay on top of industry changes around needs and norms
- Ensure SOC compliance and both external and internal audit controls
- Lead the selection of various risk monitoring, alerting, and process management tools
- Work with technology leaders to ensure all customer-facing solutions are within tolerances for static/dynamic code analysis, patching, penetration testing, and vulnerability management, and help drive adoption of Secure SDLC practices
- Work with internal teams to ensure regulations such as GDPR are consistently understood and followed
- Coordinate the roll-out of controls and work with leaders and stakeholders to implement regular reporting and attestation of controls
- Help set expectations for risk monitoring and resilience around all processes and technologies used within Data Solutions
- Work with Corporate IT to ensure enterprise and unit-specific objectives are achieved
- Help identify and drive improvements to the availability, scalability, latency and efficiency for all products and services
- Ensure appropriate incident response mechanisms (e.g., for stakeholder identification, escalation planning, etc.) in line with best practice
- Engage with stakeholders to define and implement risk-oriented business policies such as access management, third party risk management, media handling, and so forth
- Help ensure the dissemination of enterprise standards around risk management
- 10+ years experience as a leader in Risk and Controls management
- Strong background in the design and implementation of control-focused processes and the technology to support them
- Ability to develop a full and deep understanding of business operations and how they create value and risk for organizations
- Ability to think with a control and process mindset
- Ability to effectively analyze risk within the context of the business problems
- Experience interpreting and implementing a multitude of regulatory requirements (e.g., GDPR, California Privacy, etc.)
- Prior success in meeting financial audit and regulatory requirements (SOC, etc.)
- Demonstrated understanding of controls around customer-facing technology, including:
- 5+ years experience with implementing controls in cloud computing environments
- Familiarity with secure agile software development
- Familiarity with incident detection, response, communications, and remediation. This role requires managing and participating in incident response meetings as they arise
- Ability to effectively manage cross-functional project teams with direct and indirect reports, with a proven ability to marshal matrixed resources needed to meet project deliverables
- Adaptability and flexibility to work on a variety of assignments as defined by current priorities
- Strong presentation skills involving large and varied audiences, with ability to adjust message and filter details based on audience (e.g., different nationalities, seniority levels, risk sensitivities, etc.)
- Proven ability to lead projects and initiatives within schedule and budget
About the Company
Moody's
New York City, NY, United States
In a world shaped by increasingly interconnected risks, Moody's helps customers develop a holistic view of these risks to advance their business... Read more