What are the responsibilities and job description for the Sr. Manager, 2LoD Technology Risk Officer (Cybersecurity) position at TIAA?
Sr. Manager, 2LoD Technology Risk Officer (Cybersecurity)
TIAA
At TIAA, we believe everyone deserves the chance for a secure retirement. Explore our annuity, financial planning advice and investing solutions.
The Technology Risk Officer (Cybersecurity) is responsible for the 2LoD challenge & oversight for the implementation and support of enterprise risk management programs for the Global Cybersecurity & Fraud Management (GCFM) organization, as well as the monitoring, escalation, reporting, and influencing prioritization of significant risks and control weaknesses.
The GCFM is the organization responsible for keeping pace with the ever-changing cybersecurity and fraud management landscape, safeguarding the company’s assets from threats and attacks, and handling information technology and security risks and incidents.
Key Responsibilities and Duties :
- Strategic Initiatives – provide engagement, counsel, advice, and challenge on key strategic initiatives to ensure risks and regulatory aspects are appropriately considered and addressed.
- 2LoD Targeted Risk Assessments – support the execution of 2LoD independent targeted risk assessments to confirm control effectiveness and identify opportunities to strengthen controls to enhance confidentiality, integrity, and availability.
- Risk Appetite & Thresholds – support the maintenance, performance monitoring, and periodic updates to Enterprise & LoB risk appetite statements and breach thresholds based on direction and feedback from the CRO Teams and business leaders, as well as provide support for periodic metric performance updates to Senior Management and the Board.
- Relationship Management – build and maintain effective relationships with key 1LoD leaders (L5 / L6) via recurring, periodic 1:1s, and ad-hoc touchpoints to share information and position oneself as a trusted advisor.
- Policy & Standards – provide 2LoD support and challenge for IT’s documented Information Technology Policy and IT Standards, including ensuring associated controls and implementation timelines meet regulatory requirements.
- Risk and Control Self-Assessment (RCSA) – support and challenge the implementation and maturation of the RCSA program and related processes.
- Issue & Incident Management – responsible for supporting these enterprise programs and providing appropriate governance and challenge to ensure the execution of program requirements and mitigation of risk.
- Risk Management Committees – provide support to management in delivering periodic risk and compliance reporting, and partner with 1LoD to bring relevant focus topics to Senior Management and the Board.
- Operational Risk Association Engagement – provide 2LoD support and engagement to operational risk management associations.
Educational Requirements :
Work Experience :
Physical Requirements :
Required Skills :
Preferred Skills :
Anticipated Posting End Date : 2025-03-03
Base Pay Range : $127,900 / yr. - $160,000 / yr.
Company Overview :
Every worker deserves a secure retirement. For more than 100 years, TIAA has delivered it for millions of people.
Equal Opportunity :
We are an Equal Opportunity / Affirmative Action Employer.
Accessibility Support :
TIAA offers support for those who need assistance with our online application process.
Salary : $127,900 - $160,000