Director, IT Risk Management

Director, It Risk Management

Common Securitization Solutions (CSS) is seeking an experienced Director, IT Risk Management to join our team of talented professionals.

CSS built and operates the largest and most advanced mortgage securitization platform in the world, supporting the Uniform Mortgage-Backed Security (UMBS) of Fannie Mae and Freddie Mac.

Supporting 70% of the mortgage-backed securities in the market, CSS provides best-in-class single-family issuance, bond administration, disclosure, and tax services. We support a broad portfolio of products for our clients with full lifecycle management.

Our market-leading, cloud-based, end-to-end platform executes transactions on an extraordinary scale which has bolstered liquidity in the secondary mortgage market, one of the largest and most important financial markets in the world. Our unique approach to securitization combines the best minds in financial services with the know-how, flexibility, and innovation of leading technologists.

Responsibilities

This role will report to the Chief Risk Officer to provide leadership and subject matter expertise (SME) relative to technology/cloud, information security, information management, and business resiliency risk assessments, effective risk management practices, and related reporting.

This role requires a leader with demonstrated technical and risk management experience in managing and supporting cross-functional business areas and corporate stakeholders relative to effective and timely identification, analysis, remediation, management, and reporting of risk to various management levels and committees. A successful candidate will have a collaborative work ethic/style, strong communication/presentation (verbal and written) and negotiation skills, and demonstrated knowledge and experience in information technology, information security/information management, and business resiliency programs.

Key job functions include

• Ensuring completion of comprehensive risk assessments, documentation, risk mitigation guidance, and related reporting for key enterprise initiatives across various platforms/environments (i.e., cloud, etc.), including efforts including external partners and/or clients.
• Ensuring thorough review/credible challenge of identified risks, issue mitigation/remediation, monitoring, and reporting.
• Being a thought leader seeking to maximize opportunities within regulations to create a high-performing balance sheet.
• Collaborating with training and development to increase the financial acumen of the organization.
• Attending and contributing to enterprise-wide meetings and committees.
• Being responsible for risk assessment and guidance regarding the enterprise change management process, SLOD risk assessment reviews, guidance, and related decisioning.
• Monitoring and reporting on technology, information security, information management emerging and key risks impacting and/or potentially impacting the enterprise, from a SLOD perspective.
• Providing senior management and related committees with SLOD technology, information security/information management risk perspective and/or profile updates on a periodic basis.
• Providing backup support to the risk assessment and management of artificial intelligence, machine learning, and robotics process automation solutions.
• Managing a team providing regular feedback, coaching, and performance management.

Qualifications

Education

• At a minimum, a bachelor's degree from an accredited 4-year college or university.

Minimum experience:

• Minimum of 10 years of experience in technology, information security, business resiliency, and operational risk management.
• Minimum 3 years of experience managing people.
• Active participation/engagement in technology, information security, and risk management conferences, webinars, and related activities, to ensure awareness and competency regarding technology risk, information security/cloud, information management risk threat landscapes, effective risk management practices/standards, and risk management tools/solutions, is expected.
• Has certification(s) relative to technology platforms, standards, and environments, information security, data management, and/or risk management disciplines.
• Applicants must be authorized to work in the US without requiring employer sponsorship currently or in the future. CSS does not offer H-1B sponsorship for this position.

Specialized knowledge & skills:

• Progressive experience leading technology risk, information security enterprise/operational risk management and cross-functional teams and managing projects.
• Hands-on, independent, and accountable management style.
• Strong written and verbal communication skills with the capability of managing multiple co