Senior Technology Governance Consultant

** The position is described below. If you want to apply, click the Apply Now button at the top or bottom of this page. After you click Apply Now and complete your application, you'll be invited to create a profile, which will let you see your application status and any communications. If you already have a profile with us, you can log in to check status.*
* Need Help? ( site FAQ-.pdf)

_If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to_  Accessibility ()

_(accommodation requests only; other inquiries won't receive a response)._

** Regular or Temporary:*
* Regular

** Language Fluency:
** English (Required)

*
* Work Shift:

*
* 1st shift (United States of America)

** Please review the following job description:*
* Responsible for the identification, tracking, resolution, and reporting of cyber and fraud risks across the Truist Protection Services (TPS) organization following enterprise information risk management policies and standards.  S/he is responsible for identifying, monitoring and reporting risks and ensure appropriate actions are taken to maintain risk and issue management metrics within tolerance. S/he is responsible for advancing the Program by driving risk mitigation activities, feeding actionable reporting to enterprise risk management committees, and coordinating with other risk managers across the firm.

The position will work closely with the Chief Security Officer and Senior Leadership and Business teams to manage risks through their full lifecycle.  The ideal candidate will have a broad knowledge of Information Security functions and Fraud, technologies (including digital/cloud), banking cyber risk management frameworks, and current cyber risks.  The ideal candidate will also have prior experience building and running an Information Security risk and issue management function in the US for a large bank with merger/acquisition transformational change.

** ESSENTIAL DUTIES AND RESPONSIBILITIES*
* Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

+ Define and oversee issue management governance routines to maintain the health of the TPS issue management portfolio, ensuring metrics remain within established tolerances.

+ Facilitate and coordinate cross-functional meetings with stakeholders involved in risk and issue management to develop effective remediation plans aligned with Enterprise Risk Management frameworks.

+ Provide leadership and support for information security and fraud risk management across Truist Protection Services operational functions, including GRC, Fraud, Cyber Operations, Cyber Protection, and Identity & Access Management.

+ Establish and maintain program metrics for TPS, partnering with Second Line Risk Management to align with executive reporting requirements and the organization's risk appetite; ensure KPIs and KRIs are defined, implemented, tracked, and reported monthly.

+  Collaborate with issue owners, technical SMEs, GCO, and Second Line of Defense to ensure consistent risk evaluation and thorough documentation of risk rationale and mitigating controls that support risk ratings.

+  Advise process and control owners on risk identification, as well as the design, documentation, and implementation of effective controls to mitigate identified risks.

+ Drive continuous improvement by leveraging industry-standard frameworks and methodologies, gathering feedback and performance metrics (e.g., quality, delivery), and enhancing team capabilities.

+ Ensure remediation activities are executed in alignment with agreed-upon plans across all lines of defense, with a focus on effective risk mitigation.

+ Develop closure narratives and compile supporting evidence to demonstrate that risks have been remediated appropriately and in accordance with organizational risk appetite.

+ Build and strengthen partnerships with Second and Third Line of Defense teams, fostering trust through transparency, proactive communication, and consistent alignment on risk management objectives.

+…