Technology - Data Risk Oversight Advisor

About the role

Position resides within the Technology and Cybersecurity Risk Oversight department, and is responsible for the delivery of data and technology second line risk management services in line with area policies, industry standards, and management expectations. The role will maintain a primary focus on data risk oversight, including governance, data quality, lineage, MDM, records retention, and related data management practices implemented at an enterprise level. Through a strong understanding of data and technology risk, the position is responsible for advising line and senior leadership as it relates to the data and technology operational risk of the businesses/functions that it supports. It is expected to do so collaboratively, drawing on team/stakeholder relationships and other risk partners, as applicable. The position will be responsible for keeping apprised of the evolving landscape of the data and technology risk management environment and proactively influencing internal personnel accordingly. Primary Responsibilities: Independently and continuously evaluate the area's management of key processes for the effective and efficient mitigation of data and technology operational risk. In a risk-based and collaborative manner, ensure underlying elements of the risk management framework accurately reflect the data and technology operational risk environment. Identify gaps or deficiencies and ensure remediation activities address the risk. Escalate through the governance structure up to and including senior management / governance committees, as appropriate. Lead initiatives to analyze various elements of said framework. Leverage existing hands-on experience in data and/or technology roles and knowledge of industry frameworks utilized by the organization or broader industry, such as DCAM, DAMA DMBoK, NIST, FFIEC AIO, and ITIL to provide guidance and build trusted partnerships with internal staff and third parties. Prepare and support with levels of oversight and guidance appropriately detailed reports/presentations for/to management relating to and providing opinions on, the state of and/or concerns with the data and technology operational risk environment of the business function. Appropriate management of the data and technology risk activities in the area for which you oversee (findings/validations, remediation plans/updates, closure and closure validation). Prepare and present materials/presentations to senior managers. Actively participate in designated risk committees and other meetings, serving as the second line of defense representative in any discussions. Ensure the communication of relevant concerns or positions taken to appropriate management. With minimal oversight, serve as an active liaison to assigned business units (BUs). Have working relationships with line management and key personnel to ensure two-way communication on issues and concerns. Escalate significant and/or unresolved risk-related matters to Department management. Assist with oversight of data and technology Risk Control Self Assessments (RCSAs) and other risk management reporting; this includes gap and delta assessments. Engage with assigned oversight areas; understanding the technology, overseeing and advising project/product work prior to implementation leveraging experience and expertise, risk management practices, existing risk register and validation of controls. Identify and assess emerging risks and risks associated with new products/ services/ markets/ channels or changes to existing products/ services/ markets/ channels. Responsible for fieldwork (analysis, investigations, incidents, KRI/KPI metrics breaches, etc.) where some of this may be supported by team Risk Specialists. Participate in remediation efforts related to internal and/or external audits and third-party in-depth assessments of data/technology business line efforts and risk management activities. Adhere to applicable operational risk controls and frameworks in accordance with Company or regulatory standards and policies and standards. Develop and produce complex and ad hoc departmental reports, spreadsheets and project work related to oversight of data and technology risks. Understand and adhere to the Company's risk and regulatory standards, policies and controls in accordance with the Company's Risk Appetite. Identify risk-related issues needing escalation to management. Promote an environment that supports belonging and reflects the M&T Bank brand. Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable. Complete other related duties as assigned. Scope of Responsibilities: The individual will be responsible for documenting engagement activities, areas of concern, and measuring the potential risk to the organization as it relates to the organization's risk appetite. This may include issuance of findings, review of remediatio

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at mtb? Share your experience