Senior IT Risk Manager (Financial Services), Risk and Compliance Solutions

Jun 18, 2024
Jun 26, 2024
Manager, Staff, Senior
Work Mode
Work from office
Full Time
Organization Type
Amazon Payments is growing fast and the Financial Services Risk Management team supporting this business continues to mature its Risk Management support for our regulated payments products across the globe.
We're looking for an experienced IT Risk manager to help drive us to the next level of maturity in our IT Risk programs and controls. This role works as part of the Second Line of Defence (2LoD) Global Risk team and will be responsible for technology risk across 12 jurisdictions worldwide.
We want someone ready to partner across our cutting-edge technology and security engineering groups to identify and manage areas of risk. The right person will get the opportunity to leverage and grow your technology risk skills, expand your knowledge and work within a fast paced and exciting environment.
Key Accountabilities include:
- Risk Management Expert: Experienced specialist in information technology risk management, including cybersecurity principles, cloud strategies, payment technologies (preferable) and IT operational processes.
- Risk Appetite: Engage closely with the Compliance Officer team to establish appropriate risk appetite metrics, KRIs, and other monitoring to ensure Risk Tolerances are appropriately monitored.
- Risk Position and Profile: Implement detailed, data driven narratives to inform Management of risk profile related to a variety of IT Risk and Security topics. Provide risk position and challenge on new products, changes, and risk remediation efforts.
- Regulatory Awareness: Apply expert risk-based guidance on adherence to Information Technology and Cybersecurity risk-related regulations from the CSSF, FCA, MAS and other applicable regulatory bodies.
- Influencer: Build and maintain relationships with key business and operational stakeholders, serving as a credible challenger regarding Amazon Payments Information Technology and Cybersecurity Risk treatment.
Key job responsibilities
- Provide credible challenge across all information, technology, and cybersecurity risks both enabling business growth while maintaining related risks within appetite.
- Influence global payments technology risk management policies and frameworks to ensure requirements are met. This role is responsible for implementing the global IT risk policies for supported regions.
- Manage and drive remediation of IT exceptions which are outside of risk appetite.
- Implementing a technology risk management framework which considers industry best practice, relevant information and communication technology (ICT) and security legislation across regions which Amazon pay operates in.
- Assessing key controls and providing IT risk and governance feedback on key projects.
- Provide subject matter expertise in terms of best practice, ICT regulatory requirements, IT resiliency plans and risk mitigation.
- Maintain good relationships with key technology teams and work with these teams to gain a good understanding of the IT architecture to provide a view of the IT risk profile for region.
- Responsible for the review of controls relating to information, technology, and cybersecurity risks.
- Perform deep dives on technology compliance-related processes and systems.
- Identify system limitations that could lead to regulatory risks in new products and services, and provide guidance for resolution and risk mitigation.
- Investigating IT operational risk events and incidents, ensuring root cause analysis and remediation of controls, where required.
- Provide advice to stakeholders regarding the remediation of IT audit findings and implementation of recommended actions.
We are open to hiring candidates to work out of one of the following locations:
Bangalore, KA, IND
Basic Qualifications
- 8+ years of compliance, audit or risk management experience
- Master's degree or equivalent
- Demonstrable knowledge of EU/UK/US regulatory regimes with respect to IT Risk expectations.
- 5+ years of experience of leading a 2LoD IT risk support, delivering advisory/risk assessments on ITC risks.
- Excellent written and verbal communication skills.
- Demonstrable experience of delivering through ambiguity with strong bias for action.
- 3+ years of experience of line managing direct reports.
Preferred Qualifications
- Experience developing and implementing of standards, policies and programs or equivalent