Reporting to the Corporate Systems Technology Risk Officer, the Technology Risk Manager will be responsible for IT risk management activities, acting as relationship manager across Business Units and Global Functions; including liaising, advising, advocating, and facilitating to identify and reduce technology risk.
With the guidance of the Corporate System Technology Risk Officer, the role is accountable for executing a consistent risk management operating model across the various business lines, working with various members of the team, including other Technology Risk Officers, ensuring that the objectives of the Technology Risk Management team are addressed. Position can be based in New York or Houston.
The Technology Risk Manager is accountable for maintaining the risk control framework and identifying, evaluating, and managing overall IT related risks across the AIG Business Units and Corporate functions.
The Technology Risk Manager will work with the Technology Risk Management team to monitor technology risks and control gaps and challenge the first line of defense. He/she will need to ensure that technology risks and their impact on business operations are understood and addressed by the business and IT leadership. This position will:
- Develop and manage relationships with key stakeholders including, Risk Officers, Business unit executives, CIOs, Internal and External Audit, Regulators, and other 2nd line functions to understand the business / functions strategies, implementation plans, and the associated technology risk in a quickly changing technology and business environment.
- Identify significant risks based on probability and severity and assist the business in assessment of impact and cost of recovery and remediation as part of contributing to a sound strategic planning process and tactical execution.
- Challenge business / functions and CIOs view of risk in strategic and tactical initiatives providing insight to the first line on key areas to address from a technology risk perspective.
- Identify critical data assets, help to identify and collect KPI/KRI/KCIs and assess appropriate risk management activities.
- Highlight technology risk in business strategies and implementation plans and identify risk of obsolescence or migration concerns in a quickly changing IT landscape.
- Develop and refine technology risk goals and objectives, and challenge business / functions and CIOs prioritization of technology risk mitigation.
- Provide regular reports on Technology Risk to show risk trends and provide insight on root cause and remediation options in collaboration with the business and IT teams.
- Support the company’s technology risk tolerance and monitor business and functions for technology risk to ensure the firm remains within the technology risk limits.
- Monitor new business initiatives for emerging technology risk and support the reporting and escalation in risk identification and evaluation.
- Manage and use the business and function risk governance and reporting framework to report and escalate where necessary using the technology risk assessment framework.
- Support technology risk event reporting process and escalate as necessary.
- Bachelor’s degree in Information Technology, Business Administration and 5+ years of experience of technology risk management.
- Professional Risk, Audit or Security certification such as CISSP, CISM, CISA, CRISC.
- Experience in risk, control and governance disciplines (e.g. Audit, Business Continuity Planning, and Regulatory Compliance). Big 4 experience a plus.
- In-depth understanding of information technology and business continuity principles and best practices across the industry as well as project management principles.
- Effective in analyzing and developing options to balance business and technology risk requirements.
- Knowledge of information and technology risk management policies, methods, standards, tools, and processes (e.g. ISO, COSO, COBIT) as well as knowledge of compliance, legal, internal / external audit, Payment Card Industry & regulatory requirements.
- Experience in assessing technology risk for third parties.
- Strong expertise in the collaboration, facilitation and coordination of the mitigation of risks. Adept at navigating governance structures. Ability to manage and analyze data. Experience raising awareness of information and technology risk throughout an organization.
- Understanding of metrics development and reporting. Strong problem solving and program execution skills. Ability to prioritize and drive difficult decisions among business partners.
- Ability to solve complex risk issues that span legal, compliance and regulatory obligations across various lines of business and shared service areas of the company.
- Strong client relationship management experience and influencing skills.
- Strong interpersonal and oral/written communication skills, able to build relationships with people at all levels. Experience developing and delivering presentations to all levels of management.
American International Group, Inc. (AIG) is a leading global insurance organization. Founded in 1919, today AIG member companies provide a wide range of property casualty insurance, life insurance, retirement products, and other financial services to customers in more than 80 countries and jurisdictions. These diverse offerings include products and services that help businesses and individuals protect their assets, manage risks and provide for retirement security. AIG common stock is listed on the New York Stock Exchange and the Tokyo Stock Exchange.
Join our Talent Network at www.aig.com/talentnetwork. Additional information about AIG can be found at www.aig.com and www.aig.com/strategyupdate | YouTube: www.youtube.com/aig | Twitter: @AIGinsurance | LinkedIn: http://www.linkedin.com/company/aig. These references with additional information about AIG have been provided as a convenience, and the information contained on such websites is not incorporated by reference into this press release.
Location/Region: New York, NY (US)