Overview
The Assistant Manager, Enterprise Technology Services (ETS) Controls, will play a pivotal role in supporting the ETS department by overseeing the Application Risk Assessment (ARA) and related initiatives. Working closely with application owners, this role will focus on developing and maintaining comprehensive risk and control matrices to effectively identify, assess, monitor, update, and report on the ETS risk landscape. This includes evaluating IT General Controls (ITGCs) across critical ETS processes such as Access Management, Change Management, and Disaster Recovery.
Key responsibilities will involve leading discussions, identifying controls, documenting and testing controls, and collaborating across various lines of defense to establish ownership. The position requires building strong partnerships with risk stakeholders and application owners within ETS and across the organization.
The Assistant Manager will lead strategic initiatives, leveraging their expertise to develop and implement robust compliance frameworks. They will serve as a subject matter expert, providing guidance on risk management strategies and ensuring alignment with organizational goals. The role demands both independent initiative and strong teamwork skills to drive effective outcomes.
Overall, the Assistant Manager, ETS Controls, will contribute significantly to enhancing the organization's risk management framework and fostering a culture of proactive risk mitigation.
Responsibilities
Manage the development of the Application Risk Assessment process and methodology, including the evaluation and documentation of controls.
Assist in the identification and development technology solutions and improvements for application control assessments, especially for ServiceNow GRC.
Manage communication of requirements for the developed Application Risk Assessment, including operating model development and execution for ETS and considering all internal and external stakeholders.
Lead a team to conduct control design and performance assessments for application IT General Controls (ITGCs).
Assist in Managing risk assessment initiatives in alignment with enterprise goals and regulatory expectations.
Collaborate with process owners and other business units to facilitate risk conversations, identify potential business risks, operational and regulatory process deficiencies, and improvement opportunities.
Manage the identification and documentation of control deficiencies, and conduct quality control reviews.
Manage a team to identify critical risk and/or control areas to monitor and escalate findings to appropriate stakeholders.
Assist in managing the development of opportunities for new and/or improved processes, best practices, data, or technology; provide clear picture of outcomes, especially in relation to IT application control compliance and the impact on business processes.
Assist in managing the alignment of application risk assessments with organizational strategic goals and compliance requirements.
Manage communication of requirements for the developed Application Risk Assessment, including operating model development and execution for ETS and considering all internal and external stakeholders.
Identify training opportunities and mentor lower level staff.
Assess exposure to risk, develop ways to measure risk, and review related policies and procedures to minimize risk.
Analyze changes in policies, procedures, and products; determine the impact on the group functions.
Conduct benchmarking, trend analysis, and other input to drive continuous improvement and elevate service performance.
Solve business problems by defining the problem, interviewing stakeholders, identifying, and evaluating alternatives, and presenting findings.
Ensure compliance with Navy Federal Credit Union ETS standards and best practices.
Performs other related duties as assigned.
Manage a t