GRC Senior Manager - Vice President

The anticipated salary range for this role is between $143,000.00 and $185,000.00. The specific salary offered to an applicant will be based on their individual qualifications, experiences, and an analysis of the current compensation paid in their geography and the market for similar roles at the time of hire. The role may also be eligible for an annual discretionary incentive award. In addition to cash compensation, SMBC offers a competitive portfolio of benefits to its employees.

Role Description

SMBC is seeking an Audit & Regulatory (ARM) Senior Manager who continues to build his / her career as part of a dynamic team, the Audit & Regulatory Management (ARM) team, that specializes in the co-ordination & management of audit and regulatory requirements for the Information Security team at JRI-A. The ARM team is the primary point of contact for Information Security related audits, and it actively manages all audit and issue closure requirements to ensure the process is efficient and well-coordinated.

The ARM Senior Manager will be a hands-on manager who can independently and successfully execute the ARM process, and lead team members (as needed) to follow the process. The ARM Senior Manager will manage multiple ARM assessments and will assume the lead role for an assigned suite of audits; more complex, large scope audits will be included within this portfolio. They will be the lead point of contact and will be responsible for the co-ordination & facilitation of the audit from start to finish, ensuring the process is efficient and well-coordinated. The ARM Senior Manager will actively manage all audit requests, ensuring right artifacts are gathered and audit requests are tracked and responded to on time and be responsible for all related audit activities. In addition, they will be responsible for the successful management of the relationship between the stakeholders throughout the process. Please note this is NOT an auditor role. However, individuals with an auditor / assessor or similar background would be a plus.

Role Objectives

• Lead role for single large complex audit and or full responsibility for multiple smaller audits Responsible for coordination facilitation of audits from start to finish ensuring process is efficient and well coordinated Actively manage all audit requests ensuring right artifacts are gathered and audit requests are tracked and responded to on time Responsible for the timely escalation to ensure deliverables stay on track and be able to prioritized tasks as needed
• Manage facilitation and coordination of audit activities including but not limited to interviews documentation requests artifact requests logistical support for walkthroughs meetings facilitating follow up queries with various stakeholders and tracking status of all requested items
• Provide periodic status updates and timely feedback to Management
• Enhance coordination efforts each year ensuring inefficiencies identified in previous years are actively addressed and improved
• Communicate effectively and timely with auditors where necessary to affirm their understanding of controls in place to ensure the audit testing approach is effective and their requests are appropriate and clear In turn be able to clearly explain the request to Evidence Providers Control Owners outlining the risks controls being tested assisting them where necessary to ensure the correct artefact is provided
• Responsible for assigning work to junior staff when needed and reviewing and approving evidence submission following the ARM Process This is a critical role in our audit response process to ensure that the evidence submitted to the auditors successfully meets the audit request
• Articulate to auditors stakeholders comfortably and independently the key controls in place and identification of compensating controls be able to defend and advocate for these controls to auditors
• Responsible for the appropriate management of audit findings Engage with auditors at an early stage in preliminary findings to ensure completeness and accuracy of understanding
• Manage preliminary audit findings Engage with auditors at early stage in preliminary findings to ensure completeness and accuracy of understanding Responsible for reviewing preliminary findings for plausibility reasonability engaging with Control Owners Senior Management Relevant Subject Matters Experts as applicable Responsible for providing further information evidence to the auditor which may result in the preliminary finding being revised or removed
• Working with Service Providers Control Owners draft formal management responses to findings for Information Security management review with the expectation of minimal management oversight required
• Manage and track audit issues to closure providing periodic status updates to Information Security Management
• Provide guidance in the creation maintenance development and improvement of ARM Evidence Repository that allows the team to leverage existing evidence for similar requests
• Enforce adherence to ARM Process Standards Work with the rest of the ARM team to continuously identify areas for improvement document and implement these Share with ARM team best practices of ARM activities and processes and take lead role in rolling out improved process
• Ensure department procedures and guidelines are up to date reflecting current practices and update accordingly
• When assigning tasks to junior staff as needed ensure their understanding and perform review of assigned work Assist in development and growth of ARM staff
• Lead projects designed to expand and ensure continuous improvement in the ARM Program Take ownership for directing and assisting other members of the ARM team in the performance of their tasks as part of the project
• Take initiatives and provide leadership solutions in improving processes for a better experience for the business

Qualifications and Skills

Salary : $143,000 - $185,000