VP, Product Risk and Controls

Position Summary: The Vice President, Product Risk and Controls will be a critical member of the Product leadership team, with responsibility to design, build out, and champion First Line of Defense (FLOD) risk management activities in the Product and Strategy organizations. The role will work with the Chief Product Officer, Chief Risk Officer and others in establishing an embedded FLOD capability in the Product and Strategy Organizations, with goals of 1) enhancing risk culture; 2) elevating the efficiency and effectiveness of existing Product risk and controls activities, including adherence to risk appetite, executing targeted product risk assessments, execution of the RCSA (risk & control self-assessment), identification and management of issues; 3) aligning product and strategy practices and tools with leading practices being implemented in other areas of TCH (e.g. Technology and Operations), in coordination with the other risk professionals in the company; and 4) supporting Product and Strategy activities required to manage audit and examination activities.

The VP, Product Risk and Controls is responsible for identifying and assessing risk management as well as the effectiveness of controls for all product and innovation activities across the TCH Product and Strategy portfolio and working with the teams to own and remediate risk and enhance procedures and controls. Specific products that will be included are CHIPS (Wire), EPN (ACH), Check Image, RTP, Token, Fraud and other newer products as required. This work will involve collecting information and artifacts regarding control execution, in order to identify areas of improvement and provide support to implement enhancements.

This role will work with Product Managers and the Strategy team to communicate and implement risk management methodology and processes in coordination across First, Second and Third Lines of Defense and in alignment with the TCH Company Risk Policy. Additionally, the role will involve extensive interaction with TCH’s external stakeholders, including supervisors.

Essential Functions and Responsibilities:

• Work with Chief Product Officer, Chief Risk Officer, Strategy, and Enterprise Risk Management on the strategic roll out of the FLOD strategy for the Product and Strategy Teams
• Provide thought leadership and constructive challenge to Product and Strategy leaders to enhance risk culture and awareness of risk issues in the organization
• Support Product and Strategy teams on all aspects of in-business risk and control
• Perform and review RCSA and control testing to ensure operational effectiveness of controls
• Assist in coordinating risk and control information for audits and external reviews (e.g. supervisors, external audit, etc.)
• Assist Enterprise Risk Management in evolution of TCH risk appetite statements to align with product and strategy risks and objectives
• Apply sound judgment in evaluating risks and controls. Effectively challenge product, operations, and technology leads on the identification and acceptance of risks and the adequacy of controls.
• Assess and highlight opportunities for improvement around risk culture, knowledge and process
• Build, maintain and enhance business relations with department and business heads for the smooth implementation of risk management activities across the organization.
• Represent TCH at the internal and external risk committees, and to the supervisors, to provide periodic updates on risk matters.
• Ensure the organization's risk profile as related to its activities and dependencies are in alignment with the TCH Business Strategy and Risk Appetite.
• Ensure TCH’s Risk Culture is positively impacted through effective risk training and risk tools.
• Manage and develop junior team members and manage consultants as applicable.
• Analyze metrics, help identify areas of improvement and collaborate on the enhancement efforts
• Track and report on the status of self-identified issues and remediation plans
• Perform independent process reviews

Qualifications Required:

• Bachelor’s degree in risk management, business administration, finance, or a related area degree
• At least 6-8 years of risk management experience serving as a subject matter expert in Enterprise or Operational Risk Management (preferably related to Operations, Technology, or Product management).
• 10 years of financial services work experience managing and implementing enterprise-wide projects, multi-tasking on projects with competing priorities, process decomposition and reengineering, risk assessments, due diligence, Operational Risk Management, Enterprise Risk Management, Product management, and/or Technology Risk Management.
• Proven experience in working with or contributing to First Line of Defense or ERM and/or ORM framework in a dynamic and complex organization.
• Applied experience with risk governance and control industry frameworks, such as COSO or equivalents.
• Current knowledge of regulations and emerging industry risks and trends in the finance, banking and payments system industry.
• Ability to understand management objectives, risk appetite, tolerances and impact of changes to risk profiles.
• Familiarity with risk management and control frameworks
• Experience in analyzing or managing business processes such as in a high impact technology service delivery environment
• Strong analytical skills with ability to organize, analyze and present information
• Excellent communication skills, written and oral
• Demonstrated ability to influence peers to achieve mutually beneficial outcomes
• Attention to detail and organization

Qualifications desired:

• Advanced degree such as Masters in Risk Management, or MBA in Finance, Business or a related field.
• Product risk management experience in the payments industry.
• FRM, PRMIA or other Risk Management certification.
• Technology and/or Information Security risk related certification (e.g. CISSP, CRISC, CISA).
• Experience working with IT risk frameworks such as NIST, COBIT, and ITIL.
• Experience designing and implementing Risk Taxonomies, Risk Measurement methodologies and or Key Risk Indicator frameworks.
• Experience in Payments and/or Banking related fields, including Payments or Banking Technology.
• RSA Archer or other GRC experience.
• Knowledge of change management processes e.g. experience with SDLC, Agile.
• Knowledge of IT risk, security architecture design, network security, cloud/mobile security, data security and internal/external threat intelligence/analysis

Physical demands and work environment: Work is generally sedentary in nature. The working environment is generally favorable. Lighting and temperature are adequate, and there are no hazardous or unpleasant conditions caused by noise, dust, etc. Work is generally performed within an office environment, with standard office equipment available.

Employees in this position will report to the office 2-3 days per week. Occasional travel may be required. Onsite work requirements may change at any time.

The anticipated annual salary range for NY-based candidates for this position is $190,000 - $220,000. Base salary and position level will be determined by the role, experience, skill set and location. For eligible positions, discretionary incentive compensation may be awarded contingent on personal and company performance. Our benefits program includes medical, dental, vision, life insurance, 401k plan with company contribution and company match, tuition reimbursement, parental leave and more.

Salary : $190,000 - $220,000