Director of Regulatory Compliance
Posted on Jun 23, 2022 by Request Technology - Craig Johnson
*We are unable to sponsor for this permanent Full time role*
*Position is bonus eligible*
Prestigious Financial Institution is currently seeking a Director of Regulatory Compliance. Candidate will work in conjunction with the Executive Director, Regulatory Compliance, identify and establish processes (including policies and procedures), controls and tools required to provide regulatory advisory services for the IT and Security Services departments.
Provide regulatory advisory services spanning highly technical subject matter areas concerning information technology (including governance, networking, cloud architecture, containerization and agile delivery etc.), security services (including threat & vulnerability management, data & information management, data loss & privacy, security operations etc.) and other related areas.
Provide guidance to first line of defense (business units) related to effective demonstration of compliance with regulatory obligations covering their areas.
Provide guidance to the business on the development and implementation of effective remediation plans to address internal or external findings.
Assist business units with the identification, understanding, and development of processes, policies, procedures, and controls that effectively demonstrate compliance with regulatory obligations.
Assist the compliance monitoring program in support of providing frequent and highly professional reports to the CCO, executive management, and the Board of Directors.
Interact and communicate in a highly effective, professional, and insightful manner with business colleagues within the company, as well as regulators, clearing members and other third parties.
Exhibit and foster a strong compliance culture across all staff members.
Exhibit and foster strong collaboration across OCC's control functions (ie, internal audit, enterprise risk management, compliance, model validation).
Assist in the writing of the annual compliance report, as well as other ad hoc and regularly occurring reports.
Keep abreast of changes in regulatory environment and industry best practices/frameworks (ie, NIST, COBIT, ISO, etc.). Identify, hire, and manage the staffing resources for the Regulatory Compliance (IT and Security Services) team.
Provide ongoing constructive feedback for staff members, including as part of performance reviews.
Develop and foster a high-performing culture that provides learning and continuous improvement opportunities for staff.
8+ years of compliance and/or technology and security experience.
Strong working knowledge of securities and commodities rules and regulations. (ie, SEC, CFTC, etc.).
Strong working knowledge of compliance related best practices.
Experienced in risk and control frameworks, and process improvement frameworks (eg COBIT, COSO, ITIL, NIST, ISO 27001, ISO 9001, CMMI).
Experienced with Systems Development Life Cycle (SDLC) process (Waterfall & Agile).
Strong working knowledge of the financial industry.
Strong working knowledge of IT and Information Security practices including IT Governance, architecture, cloud computing, networking, data & information management, security operations, Agile delivery etc.
Excellent organizational and communication skills.
Comprehensive analytical, conceptual and problem-solving skills .
Ability to support the entire Compliance Program, including policy and procedure management, process and control management, testing, monitoring, risk assessment, and findings management.
Ability to manage and prioritize assignments and respond to rapidly shifting priorities.
Ability to work independently and as a member of a team, collaborating with internal business clients at various levels of seniority.
Must be able to work under deadlines and manage multiple tasks.
Proficiency with MS Office software, GRC tools, Document Management tools and reporting tools.
Experience using an integrated risk management system (such as RSA Archer) preferred.
Experience using NAVEX Global and PolicyTech preferred. 8+ years of experience in IT Compliance, IT, Information Security and/or any combinations of these.
Direct supervisory and managerial experience preferred.
Bachelor's degree or equivalent degree required in a related discipline (Computer Science, Business Administration, etc.).