Technology Risk Sr Associate

The Technology Risk Sr. Associate role is responsible for the 2LoD challenge for the implementation and support of enterprise risk management programs for the (1) Retirement, Marketing & Digital Client Technology (a large application development team), and (2) Digital & Client Experience organizations, as well as the escalation and reporting of significant risks and controls weaknesses.

Key Responsibilities and Duties

• Responsible for supporting the Issue Management Program and providing appropriate governance and challenge to ensure the execution of program requirements and mitigation of risk to the enterprise. Provide 2LoD challenge for issue rating criticality and linkage to the Risk & Control Self-Assessment (RCSA) program.
• Action plans to ensure they adequately address the identified control gaps.
• Risk-accepted issues for adherence to requirements.
• Responsible for working closely with 1LoD IT staff and issue / action plan owners to ensure they understand Issue Management Program expectations and provide guidance as needed.
• Support the implementation and maturation of the RCSA program and related processes.
• Effectively coordinate with the IT Risk to ensure that the implementation of the RCSA program includes the appropriate identification of technology risks and control weaknesses.
• Work in collaboration with business-aligned control teams to ensure RCSAs provide a full view of the technology control environment that the businesses are reliant upon to support their critical business functions.
• Review and track the root causes for major technology incidents to identify and highlight potential thematic concerns.
• Review application/infrastructure-specific control gaps (i.e. ITRC breaks) to identify and document broader thematic issues and remediation plans.
• Provide support to management for 2LoD cadences and reporting (e.g. risk management committee), and provide input on current/future key risk indicators (KRIs).
• Support the proactive identification emerging risks and trends (both internal and external) that could have a negative impact on the ability to achieve the goals and objectives of business groups.
• Monitor supplier/affiliate risks associated with third-party application control gaps or weaknesses.

Educational Requirements

• University (Degree) Preferred

Work Experience

• 3+ Years Required; 5+ Years Preferred

Physical Requirements

• Physical Requirements: Sedentary Work

Career Level
7IC

Qualifications:

Required Qualifications:

• 3 years of experience in IT Risk Management, IT Audit, IT Compliance, Technology/Cybersecurity, and/or IT Program Management.

Preferred Experience:

• 5+ years of experience in IT Risk Management, IT Audit, IT Compliance, Technology/Cybersecurity, and/or IT Program Management preferred.
• Bachelor's Degree in Information Technology (IT), Cybersecurity / Fraud, or other Compliance / Audit-related disciplines.
• Certifications: CISA, CISSP, and/or CRISC.
• Strong technology acumen, critical thinking, and analytical skills.
• Understanding of technology operations/processes, as well as experience with evaluating technology-related risks and controls.
• Knowledge of application development lifecycles and methodologies (e.g. Agile), as well as change management processes.
• Relationship management skills to build trust and effective working relationships with 1LoD partners.
• Ability to identify, analyze, and communicate current activities and controls against expectations for remediation of risk.
• Strong verbal/written communication and time management skills.
• A "self-starter", and ability to demonstrate flexibility with assignments.
• Proficient in the use of tools to export data and/or create reports (e.g. Excel, Tableau, Archer GRC).

Base Pay Range: $87,300/yr. - $145,500/yr.

Actual base salary may vary based upon, but not limited to, relevant experience, time in role, base salary of internal peers, prior performance, business sector, and geographic location. In addition to base salary, the competitive compensation package may include, depending on the role, participation in an incentive program linked to performance (for example, annual discretionary incentive programs, non-annual sales incentive plans, or other non-annual incentive plans).

Company Overview

TIAA is the leading provider of financial services in the academic, research, medical, cultural and government fields. We offer a wide range of financial solutions, including investing, banking, advice and education, and retirement services.

COVID-19 Vaccination

TIAA requires all U.S. employees to be fully vaccinated against COVID-19 and provide documentation of full vaccination, unless you qualify for an accommodation as determined by TIAA consistent with applicable law.

Benefits and Total Rewards

The organization is committed to making financial well-being possible for its clients, and is equally committed to the well-being of our associates. That's why we offer a comprehensive Total Rewards package designed to make a positive difference in the lives of our associates and their loved ones. Our benefits include a superior retirement program and highly competitive health, wellness and work life offerings that can help you achieve and maintain your best possible physical, emotional and financial well-being. To learn more about your benefits, please review our Benefits Summary.

Equal Opportunity

We are an Equal Opportunity/Affirmative Action Employer. We consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other protected status.

Read more about the Equal Opportunity Law here.

Accessibility Support

TIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers, including individuals with disabilities.

If you are a U.S. applicant and desire a reasonable accommodation to complete a job application please use one of the below options to contact our accessibility support team:

Phone: (800) 842-2755

Email: [email protected]

Privacy Notices

For Applicants of TIAA, Nuveen and Affiliates residing in US (other than California), click here.

For Applicants of TIAA, Nuveen and Affiliates residing in California, please click here.

For Applicants of Nuveen residing in Europe and APAC, please click here.

For Applicants of Greenwood residing in Brazil (English), click here.

For Applicants of Greenwood residing in Brazil (Portuguese), click here.

For Applicants of Westchester residing in Brazil (English), click here.

For Applicants of Westchester residing in Brazil (Portuguese), click here.